Symbol EX-3524, EX-3548 Reference Manual
EX-3524/EX-3548
Layer 2 Gigabit Ethernet PoE/PoE+ Switch
CLI Reference Guide
www.edge-core.com
Zebra and the Zebra head graphic are registered trademarks of ZIH Corp. The Symbol logo is a
registered trademark of Symbol Technologies, Inc., a Zebra Technologies company.
© 2015 Symbol Technologies, Inc.
– 2 –
How to Use This Guide
This guide includes detailed information on the switch software, including how to
operate and use the management functions of the switch. To deploy this switch
effectively and ensure trouble-free operation, you should first read the relevant
sections in this guide so that you are familiar with all of its software features.
Who Should
Read this Guide?
How this Guide
is Organized
Related
Documentation
This guide is for network administrators who are responsible for operating and
maintaining network equipment. The guide assumes a basic working knowledge of
LANs (Local Area Networks), the Internet Protocol (IP), and Simple Network
Management Protocol (SNMP).
This guide describes the switch’s command line interface (CLI). For more detailed
information on the switch’s key features refer to the System Reference Guide.
The guide includes these sections:
◆ Section I “Getting Started” — Includes information on initial configuration.
◆ Section II “Command Line Interface” — Includes all management options
available through the CLI.
◆ Section III “App endices” — Includes information on troubleshooting switch
management access.
This guide focuses on switch software configuration through the CLI.
For information on how to manage the switch through the Web management
interface, see the following guide:
System Reference Guide
For information on how to install the switch, see the following guide:
Installation Guide
For all safety information and regulatory statements, see the following documents:
Quick Start Guide
Safety and Regulatory Information
– 3 –
How to Use This Guide
Conventions The following conventions are used throughout this guide to show information:
Note:
Emphasizes important information or calls your attention to related features
or instructions.
Caution:
Alerts you to a potential hazard that could cause loss of data, or damage
the system or equipment.
War ning:
Alerts you to a potential hazard that could cause personal injury.
Revision History This section summarizes the changes in each revision of this guide.
December 2014 Revision
This is the third version of this guide. This guide is valid for software release
v5.0.0.0-07D. This release includes a major change in the underlying software
platform. It contains the following changes:
◆ Updated data displayed by the commands "show access-list tcam-utilization"
on page 99, "show memory" on page 100, and "show process cpu" on page 100
◆ Updated syntax for "show running-config" on page 101.
◆ Added the command "show tech-support" on page 104.
◆ Updated display output for the command "show version" on page 106.
◆ Added the commands "show watchdog" on page 107 and "watchdog software"
on page 107.
◆ Updated syntax for the command "copy" on page 110.
◆ Updated syntax for the command "delete" on page 113.
◆ Added the command "upgrade opcode reload" on page 118
◆ Added the section "TFTP Configuration Commands" on page 118.
◆ Removed the “auto” option from the command "speed" on page 127.
◆ Added the command "terminal" on page 129.
◆ Updated display output for the command "show line" on page 130.
– 4 –
How to Use This Guide
◆ Updated syntax for the commands "logging host" on page 133 and "logging
sendmail host" on page 138.
◆ Added the section "NTP Commands" on page 145.
◆ Added the commands "clock summer-time (predefined)" on page 150 and
"clock summer-time (recurring)" on page 151.
◆ Removed the command “clock timezone-predefined” from the section "Manual
Configuration Commands" on page 149.
◆ Added the section "Adopt Device" on page 164.
◆ Updated syntax for the command "snmp-server enable traps" on page 176.
◆ Added the commands "snmp-server enable port-traps mac-notification" on
page 179 and "show snmp-server enable port-traps" on page 180.
◆ Added the section "Additional Trap Commands" on page 192.
◆ Updated description of “level” parameter for the command "enable password"
on page 204.
◆ Updated description of “access level” parameter for the command "username"
on page 205.
◆ Added the commands "privilege" on page 207 and "show privilege" on
page 207.
◆ Updated syntax for the command "tacacs-server host" on page 215.
◆ Added the commands "tacacs-server retransmit" on page 216 and "tacacs-
server timeout" on page 217.
◆ Added the commands "aaa accounting commands" on page 219 and
"accounting commands" on page 225.
◆ Updated syntax for the command "show accounting" on page 228.
◆ Added the command "dot1x max-reauth-req" on page 248.
◆ Added the section "PPPoE Intermediate Agent" on page 262.
◆ Added the command "mac-learning" on page 272.
◆ Added the command "show port security" on page 275.
◆ Updated syntax for the command "ip dhcp snooping information option" on
page 299.
– 5 –
How to Use This Guide
◆ Added the commands "ip dhcp snooping information option encode no-
subtype" on page 300, "ip dhcp snooping information option remote-id" on
page 301, "ip dhcp snooping limit rate" on page 303, and "ip dhcp snooping
information option circuit-id" on page 305.
◆ Updated display output for the command "show ip dhcp snooping" on
page 308.
◆ Added the section "DHCPv6 Snooping" on page 309.
◆ Updated syntax for the commands "ip source-guard binding" on page 319 and
"ip source-guard max-binding" on page 323.
◆ Added the command "clear ip source-guard binding blocked" on page 323.
◆ Added the command "ip source-guard mode" on page 324.
◆ Updated syntax for the command "show ip source-guard binding" on
page 325.
◆ Added the section "IPv6 Source Guard" on page 326.
◆ Added “allow-zeros” parameter to the command "ip arp inspection validate" on
page 335.
◆ Updated command in the section "Denial of Service Protection" on page 340.
◆ Updated command in the section "Port-based Traffic Segmentation" on
page 346.
◆ Removed “redirect-to” interface options from all permit and deny commands in
the chapter "Access Control Lists" on page 351.
◆ Removed “tos” parameter from the command "permit, deny (Extended IPv4
ACL)" on page 354.
◆ Added “counter” parameter to the commands "ip access-group" on page 356,
"ipv6 access-group" on page 362 and "mac access-group" on page 369.
◆ Updated syntax for the command "permit, deny(MAC ACL)" on page 365.
◆ Added “log” parameter to the command "permit, deny (ARPACL)" on page 371.
◆ Added the command "clear access-list hardware counters" on page 373, and
added “hardware counters” parameter to the command "show access-list" on
page 374.
◆ Removed the “symmetric” parameter from the command "capabilities" on
page 379.
– 6 –
How to Use This Guide
◆ Added the command "media-type" on page 382.
◆ Removed the command “giga-phy-mode” from the chapter "Interface
Commands" on page 377.
◆ Updated display output for the command "show interfaces status" on
page 388.
◆ Added the section "Transceiver Threshold Configuration" on page 390.
◆ Added the command "port-channel load-balance" on page 404, "lacp timeout"
on page 411, and "show port-channel load-balance" on page 415.
◆ Added the commands "power mainpower maximum allocation" on page 418
and "show power mainpower" on page 424.
◆ Removed the command “show power poe” from the chapter "Power over
Ethernet Commands" on page 417.
◆ Updated syntax for the command "port monitor" on page 425.
◆ Reduced the maximum number of mirror sessions from two to one for all
relevant local mirror and remote mirror commands in the chapter "Port
Mirroring Commands" on page 425.
◆ Addedthe chapter "Loopback Detection Commands" on page 453.
◆ Added the command "spanning-tree system-bpdu-flooding" on page 472.
◆ Updated syntax for the command "spanning-tree bpdu-guard" on page 478.
◆ Updated syntax for the command "spanning-tree loopback-detection action"
on page 482.
◆ Added the command "spanning-tree port-bpdu-flooding" on page 486.
◆ Added the command "spanning-tree tc-prop-stop" on page 488.
◆ Updated syntax for the command "show spanning-tree" on page 490.
◆ Added the command "switchport dot1q-tunnel service match cvid" on
page 518.
◆ Updated syntax and display output for the command "show dot1q-tunnel" on
page 520.
◆ Added the section "Configuring L2CP Tunneling" on page 521.
◆ Added the “priority” parameter to the command "protocol-vlan protocol-group
(Configuring Interfaces)" on page 527.
– 7 –
How to Use This Guide
◆ Added the “mask” parameter to the command "mac-vlan" on page 532.
◆ Added the “match-all” option to the command "class-map" on page 554.
◆ Updated syntax for the command "match" on page 556.
◆ Updated range for "Quality of Service Commands" on page 553.
◆ Added the command "ip igmp snooping priority" on page 574.
◆ Added the commands "clear ip igmp snooping groups dynamic" on page 588
and "clear ip igmp snooping statistics" on page 589.
◆ Updated syntax for the command "show ip igmp snooping" on page 589 and
"show ip igmp snooping group" on page 590.
◆ Added the commands "ip igmp authentication" on page 599, "ip igmp query-
drop" on page 603, "ip multicast-data-drop" on page 603, "show ip igmp
authentication" on page 604, "show ip igmp query-drop" on page 606, and
"show ip multicast-data-drop" on page 607.
◆ Added the sections "MLD Snooping" on page 608 and "MLD Filtering and
Throttling" on page 621.
◆ Replaced command set for "Multicast VLAN Registration for IPv4" on page 630.
◆ Added the section "Multicast VLAN Registration for IPv6" on page 654.
◆ Added the command "lldp dot3-tlv mac-phy" on page 684.
◆ Removed the command “ipv6 dhcp client rapid-commit vlan” from the section
"DHCP for IPv6" on page 716.
◆ Updated syntax for the command "ip address" on page 724.
◆ Added the command "traceroute6" on page 752.
◆ Added the command "ipv6 nd raguard" on page 757 and "show ipv6 nd
raguard" on page 759.
◆ Added the section "ND Snooping" on page 761.
◆ Added the command "ip sw-route" on page 772.
September 2014 Revision
This is the second version of this guide. This guide is valid for software release
v4.0.1.0-04R. It contains the following changes:
◆ Updated syntax description for the command "snmp-server user" on page 183.
– 8 –
How to Use This Guide
◆ Added the command "clear ip dhcp snooping binding" on page 307.
◆ Updated description for the command "spanning-tree bpdu-filter" on
page 477.
◆ Updated usage information for the command "spanning-tree port-priority" on
page 486.
◆ Updated syntax for the command "switchport trunk allowed vlan" on page 509.
◆ Updated syntax for the command "switchport trunk native vlan" on page 510.
◆ Added the commands "switchport trunk allowed vlan" on page 509 and
"switchport trunk native vlan" on page 510.
◆ Updated configuration procedure for protocol-based VLANs. See "Configuring
Protocol-based VLANs" on page 525.
◆ Updated command usage for "subnet-vlan" on page 530.
◆ Updated command usage for "mac-vlan" on page 532.
◆ Updated usage information for the command "voice vlan aging" on page 535.
◆ Updated usage information for the command "show voice vlan" on page 539.
◆ Added the command "show lldp neighbors" on page 696.
◆ Updated display text for the command “show cdp neighbors detail” on
page 703.
◆ Changed default setting for the command "ip dhcp client class-id" on page 714.
◆ Removed the command “show ip dhcp client-identifier” on page 542.
◆ Updated output display for the command "show ip interface" on page 727.
March 2014 Revision
This is the first version of this guide. This guide is valid for software release
v4.0.0.0-02R.
– 9 –
How to Use This Guide
– 10 –
Contents
How to Use This Guide 3
Contents 11
Figures 41
Tables 43
Section I Getting Started 49
1 Initial Switch Configuration 51
Connecting to the Switch 51
Configuration Options 51
Connecting to the Console Port 52
Logging Onto the Command Line Interface 53
Setting Passwords 53
Remote Connections 54
Configuring the Switch for Remote Management 55
Using the Network Interface 55
Setting an IP Address 55
Enabling SNMP Management Access 61
Managing System Files 63
Upgrading the Operation Code 64
Saving or Restoring Configuration Settings 65
Automatic Installation of Operation Code and Configuration Settings 66
Downloading Operation Code from a File Server 66
Specifying a DHCP Client Identifier 69
Downloading a Configuration File Referenced by a DHCP Server 69
Setting the System Clock 71
Setting the Time Manually 72
Configuring SNTP 72
– 11 –
Contents
Configuring NTP 73
Section II Command Line Interface 75
2 Using the Command Line Interface 77
Accessing the CLI 77
Console Connection 77
Telnet Connection 78
Entering Commands 79
Keywords and Arguments 79
Minimum Abbreviation 79
Command Completion 79
Getting Help on Commands 80
Partial Keyword Lookup 82
Negating the Effect of Commands 82
Using Command History 82
Understanding Command Modes 82
Exec Commands 83
Configuration Commands 83
Command Line Processing 85
CLI Command Groups 86
3 General Commands 89
prompt 89
reload (Global Configuration) 90
enable 91
quit 92
show history 92
configure 93
disable 94
reload (Privileged Exec) 94
show reload 95
end 95
exit 95
– 12 –
Contents
4 System Management Commands 97
Device Designation 97
hostname 98
System Status 98
show access-list tcam-utilization 99
show memory 100
show process cpu 100
show running-config 101
show startup-config 102
show system 103
show tech-support 104
show users 105
show version 106
show watchdog 107
watchdog software 107
Frame Size 107
jumbo frame 107
File Management 108
General Commands 109
boot system 109
copy 110
delete 113
dir 114
whichboot 115
Automatic Code Upgrade Commands 115
upgrade opcode auto 115
upgrade opcode path 117
upgrade opcode reload 118
show upgrade 118
TFTP Configuration Commands 118
Line 120
ip tftp retry 118
ip tftp timeout 119
show ip tftp 119
line 121
– 13 –
Contents
databits 121
exec-timeout 122
login 123
parity 124
password 124
password-thresh 125
silent-time 126
speed 127
stopbits 127
timeout login response 128
disconnect 129
terminal 129
show line 130
Event Logging 131
logging facility 131
logging history 132
logging host 133
logging on 133
logging trap 134
clear log 135
show log 135
show logging 136
SMTP Alerts 138
logging sendmail 138
logging sendmail host 138
logging sendmail level 139
logging sendmail destination-email 140
logging sendmail source-email 140
show logging sendmail 141
Time 141
SNTP Commands 142
sntp client 142
sntp poll 143
sntp server 144
show sntp 144
– 14 –
Contents
NTP Commands 145
ntp authenticate 145
ntp authentication-key 146
ntp client 147
ntp server 147
show ntp 148
Manual Configuration Commands 149
clock summer-time (date) 149
clock summer-time (predefined) 150
clock summer-time (recurring) 151
clock timezone 153
calendar set 153
show calendar 154
Time Range 155
time-range 155
absolute 156
periodic 157
show time-range 158
Switch Clustering 158
cluster 159
cluster commander 160
cluster ip-pool 161
cluster member 161
rcommand 162
show cluster 163
show cluster members 163
show cluster candidates 163
Adopt Device 164
controller hello-interval adjacency-hold-time 166
controller host ip address 166
adoptd upgrade 167
debug adoption 168
no adoption 168
show adoption debug 168
show adoption history 169
– 15 –
Contents
show adoption status 170
5 SNMP Commands 171
General SNMP Commands 173
snmp-server 173
snmp-server community 173
snmp-server contact 174
snmp-server location 175
show snmp 175
SNMP Target Host Commands 176
snmp-server enable traps 176
snmp-server host 177
snmp-server enable port-traps mac-notification 179
show snmp-server enable port-traps 180
SNMPv3 Commands 181
snmp-server engine-id 181
snmp-server group 182
snmp-server user 183
snmp-server view 185
show snmp engine-id 186
show snmp group 186
show snmp user 187
show snmp view 188
Notification Log Commands 189
nlm 189
snmp-server notify-filter 190
show nlm oper-status 191
show snmp notify-filter 191
Additional Trap Commands 192
memory 192
6 Remote Monitoring Commands 195
process cpu 192
rmon alarm 196
rmon event 197
rmon collection history 198
– 16 –
Contents
rmon collection rmon1 199
show rmon alarms 200
show rmon events 200
show rmon history 200
show rmon statistics 201
7 Authentication Commands 203
User Accounts and Privilege Levels 204
enable password 204
username 205
privilege 207
show privilege 207
Authentication Sequence 208
authentication enable 208
authentication login 209
RADIUS Client 210
radius-server acct-port 210
radius-server auth-port 211
radius-server host 211
radius-server key 212
radius-server retransmit 213
radius-server timeout 213
show radius-server 214
TACACS+ Client 214
tacacs-server host 215
tacacs-server key 215
tacacs-server port 216
tacacs-server retransmit 216
tacacs-server timeout 217
show tacacs-server 217
AAA 218
aaa accounting commands 219
aaa accounting dot1x 220
aaa accounting exec 220
aaa accounting update 221
– 17 –
Contents
aaa authorization commands 222
aaa authorization exec 223
aaa group server 224
server 224
accounting dot1x 225
accounting commands 225
accounting exec 226
authorization commands 227
authorization exec 227
show accounting 228
Web Server 229
ip http port 229
ip http server 230
ip http secure-port 230
ip http secure-server 231
Telnet Server 232
ip telnet max-sessions 233
ip telnet port 233
ip telnet server 234
show ip telnet 234
Secure Shell 234
ip ssh authentication-retries 237
ip ssh server 238
ip ssh server-key size 239
ip ssh timeout 239
delete public-key 240
ip ssh crypto host-key generate 240
ip ssh crypto zeroize 241
ip ssh save host-key 242
802.1X Port Authentication 244
General Commands 245
show ip ssh 242
show public-key 243
show ssh 244
dot1x default 245
– 18 –
Contents
dot1x eapol-pass-through 246
dot1x system-auth-control 247
Authenticator Commands 247
dot1x intrusion-action 247
dot1x max-reauth-req 248
dot1x max-req 248
dot1x operation-mode 249
dot1x port-control 250
dot1x re-authentication 250
dot1x timeout quiet-period 251
dot1x timeout re-authperiod 251
dot1x timeout supp-timeout 252
dot1x timeout tx-period 252
dot1x re-authenticate 253
Supplicant Commands 254
dot1x identity profile 254
dot1x max-start 254
dot1x pae supplicant 255
dot1x timeout auth-period 256
dot1x timeout held-period 256
dot1x timeout start-period 257
Information Display Commands 257
show dot1x 257
Management IP Filter 260
management 260
show management 261
PPPoE Intermediate Agent 262
pppoe intermediate-agent 263
pppoe intermediate-agent format-type 263
pppoe intermediate-agent port-enable 264
pppoe intermediate-agent port-format-type 265
pppoe intermediate-agent port-format-type remote-id-delimiter 266
pppoe intermediate-agent trust 266
pppoe intermediate-agent vendor-tag strip 267
clear pppoe intermediate-agent statistics 267
– 19 –
Contents
show pppoe intermediate-agent info 268
show pppoe intermediate-agent statistics 269
8 General Security Measures 271
Port Security 272
mac-learning 272
port security 273
show port security 275
Network Access (MAC Address Authentication) 277
network-access aging 278
network-access mac-filter 278
mac-authentication reauth-time 279
network-access dynamic-qos 280
network-access dynamic-vlan 281
network-access guest-vlan 282
network-access link-detection 282
network-access link-detection link-down 283
network-access link-detection link-up 283
network-access link-detection link-up-down 284
network-access max-mac-count 284
network-access mode mac-authentication 285
network-access port-mac-filter 286
mac-authentication intrusion-action 287
mac-authentication max-mac-count 287
clear network-access 288
show network-access 288
show network-access mac-address-table 289
show network-access mac-filter 290
Web Authentication 290
web-auth login-attempts 291
web-auth quiet-period 292
web-auth session-timeout 292
web-auth system-auth-control 293
web-auth 293
web-auth re-authenticate (Port) 294
– 20 –
Contents
web-auth re-authenticate (IP) 294
show web-auth 295
show web-auth interface 295
show web-auth summary 296
DHCPv4 Snooping 296
ip dhcp snooping 297
ip dhcp snooping information option 299
ip dhcp snooping information option encode no-subtype 300
ip dhcp snooping information option remote-id 301
ip dhcp snooping information policy 302
ip dhcp snooping limit rate 303
ip dhcp snooping verify mac-address 303
ip dhcp snooping vlan 304
ip dhcp snooping information option circuit-id 305
ip dhcp snooping trust 306
clear ip dhcp snooping binding 307
clear ip dhcp snooping database flash 307
ip dhcp snooping database flash 308
show ip dhcp snooping 308
show ip dhcp snooping binding 309
DHCPv6 Snooping 309
ipv6 dhcp snooping 310
ipv6 dhcp snooping option remote-id 312
ipv6 dhcp snooping option remote-id policy 313
ipv6 dhcp snooping vlan 314
ipv6 dhcp snooping max-binding 315
ipv6 dhcp snooping trust 315
clear ipv6 dhcp snooping binding 316
clear ipv6 dhcp snooping statistics 317
IPv4 Source Guard 319
show ipv6 dhcp snooping 317
show ipv6 dhcp snooping binding 318
show ipv6 dhcp snooping statistics 318
ip source-guard binding 319
ip source-guard 321
– 21 –
Contents
ip source-guard max-binding 323
clear ip source-guard binding blocked 323
ip source-guard mode 324
show ip source-guard 325
show ip source-guard binding 325
IPv6 Source Guard 326
ipv6 source-guard binding 326
ipv6 source-guard 328
ipv6 source-guard max-binding 329
show ipv6 source-guard 330
show ipv6 source-guard binding 331
ARP Inspection 331
ip arp inspection 332
ip arp inspection filter 333
ip arp inspection log-buffer logs 334
ip arp inspection validate 335
ip arp inspection vlan 336
ip arp inspection limit 337
ip arp inspection trust 337
show ip arp inspection configuration 338
show ip arp inspection interface 338
show ip arp inspection log 339
show ip arp inspection statistics 339
show ip arp inspection vlan 340
Denial of Service Protection 340
dos-protection echo-chargen 341
dos-protection smurf 341
dos-protection tcp-flooding 342
dos-protection tcp-null-scan 342
dos-protection tcp-syn-fin-scan 343
dos-protection tcp-udp-port-zero 343
dos-protection tcp-xmas-scan 344
dos-protection udp-flooding 344
dos-protection win-nuke 345
show dos-protection 345
– 22 –
Contents
Port-based Traffic Segmentation 346
traffic-segmentation 346
traffic-segmentation session 347
traffic-segmentation uplink/downlink 348
traffic-segmentation uplink-to-uplink 349
show traffic-segmentation 350
9 Access Control Lists 351
IPv4 ACLs 351
access-list ip 352
permit, deny (Standard IP ACL) 353
permit, deny (Extended IPv4 ACL) 354
ip access-group 356
show ip access-group 357
show ip access-list 357
IPv6 ACLs 358
access-list ipv6 358
permit, deny (Standard IPv6 ACL) 359
permit, deny (Extended IPv6 ACL) 360
ipv6 access-group 362
show ipv6 access-group 363
show ipv6 access-list 363
MAC ACLs 364
access-list mac 364
permit, deny(MAC ACL) 365
mac access-group 369
show mac access-group 369
show mac access-list 370
ARP ACLs 370
access-list arp 370
ACL Information 373
permit, deny (ARP ACL) 371
show access-list arp 372
show arp access-list 373
clear access-list hardware counters 373
– 23 –
Contents
show access-group 374
show access-list 374
10 Interface Commands 377
Interface Configuration 378
interface 378
alias 379
capabilities 379
description 381
flowcontrol 381
media-type 382
negotiation 383
shutdown 383
speed-duplex 384
clear counters 385
show interfaces brief 386
show interfaces counters 386
show interfaces status 388
show interfaces switchport 389
Transceiver Threshold Configuration 390
transceiver-monitor 390
transceiver-threshold-auto 391
transceiver-threshold current 391
transceiver-threshold rx-power 393
transceiver-threshold temperature 394
transceiver-threshold tx-power 395
transceiver-threshold voltage 396
show interfaces transceiver 397
show interfaces transceiver-threshold 398
Cable Diagnostics 399
Power Savings 401
test cable-diagnostics 399
show cable-diagnostics 400
power-save 401
show power-save 402
– 24 –
Contents
11 Link Aggregation Commands 403
Manual Configuration Commands 404
port-channel load-balance 404
channel-group 406
Dynamic Configuration Commands 406
lacp 406
lacp admin-key (Ethernet Interface) 408
lacp port-priority 409
lacp system-priority 410
lacp admin-key (Port Channel) 410
lacp timeout 411
Trunk Status Display Commands 412
show lacp 412
show port-channel load-balance 415
12 Power over Ethernet Commands 417
power inline compatible 417
power mainpower maximum allocation 418
power inline 419
power inline maximum allocation 420
power inline priority 421
power inline time-range 422
show power inline status 423
show power inline time-range 424
show power mainpower 424
13 Port Mirroring Commands 425
Local Port Mirroring Commands 425
port monitor 425
show port monitor 428
RSPAN Mirroring Commands 428
rspan source 430
rspan destination 431
rspan remote vlan 432
no rspan session 433
show rspan 434
– 25 –
Contents
14 Congestion Control Commands 435
Rate Limit Commands 435
rate-limit 436
Storm Control Commands 437
switchport packet-rate 437
Automatic Traffic Control Commands 438
Threshold Commands 441
auto-traffic-control apply-timer 441
auto-traffic-control release-timer 442
auto-traffic-control 443
auto-traffic-control action 443
auto-traffic-control alarm-clear-threshold 444
auto-traffic-control alarm-fire-threshold 445
auto-traffic-control auto-control-release 446
auto-traffic-control control-release 447
SNMP Trap Commands 447
snmp-server enable port-traps atc broadcast-alarm-clear 447
snmp-server enable port-traps atc broadcast-alarm-fire 448
snmp-server enable port-traps atc broadcast-control-apply 448
snmp-server enable port-traps atc broadcast-control-release 449
snmp-server enable port-traps atc multicast-alarm-clear 449
snmp-server enable port-traps atc multicast-alarm-fire 450
snmp-server enable port-traps atc multicast-control-apply 450
snmp-server enable port-traps atc multicast-control-release 451
ATC Display Commands 451
show auto-traffic-control 451
show auto-traffic-control interface 452
15 Loopback Detection Commands 453
loopback-detection 454
loopback-detection action 454
loopback-detection recover-time 455
loopback-detection transmit-interval 456
loopback detection trap 456
loopback-detection release 457
– 26 –
Contents
show loopback-detection 458
16 Address Table Commands 459
mac-address-table aging-time 459
mac-address-table static 460
clear mac-address-table dynamic 461
show mac-address-table 461
show mac-address-table aging-time 462
show mac-address-table count 462
17 Spanning Tree Commands 465
spanning-tree 466
spanning-tree cisco-prestandard 467
spanning-tree forward-time 467
spanning-tree hello-time 468
spanning-tree max-age 469
spanning-tree mode 469
spanning-tree pathcost method 471
spanning-tree priority 471
spanning-tree mst configuration 472
spanning-tree system-bpdu-flooding 472
spanning-tree transmission-limit 473
max-hops 474
mst priority 474
mst vlan 475
name 476
revision 476
spanning-tree bpdu-filter 477
spanning-tree bpdu-guard 478
spanning-tree cost 479
spanning-tree edge-port 480
spanning-tree link-type 481
spanning-tree loopback-detection 481
spanning-tree loopback-detection action 482
spanning-tree loopback-detection release-mode 483
spanning-tree loopback-detection trap 484
– 27 –
Contents
spanning-tree mst cost 484
spanning-tree mst port-priority 485
spanning-tree port-bpdu-flooding 486
spanning-tree port-priority 486
spanning-tree root-guard 487
spanning-tree spanning-disabled 488
spanning-tree tc-prop-stop 488
spanning-tree loopback-detection release 489
spanning-tree protocol-migration 490
show spanning-tree 490
show spanning-tree mst configuration 493
18 VLAN Commands 495
GVRP and Bridge Extension Commands 496
bridge-ext gvrp 496
garp timer 497
switchport forbidden vlan 498
switchport gvrp 499
show bridge-ext 499
show garp timer 500
show gvrp configuration 501
Editing VLAN Groups 501
vlan database 502
vlan 502
Configuring VLAN Interfaces 503
interface vlan 504
switchport acceptable-frame-types 505
switchport allowed vlan 506
switchport ingress-filtering 507
switchport mode 508
Displaying VLAN Information 513
switchport native vlan 509
switchport trunk allowed vlan 509
switchport trunk native vlan 510
vlan-trunking 511
– 28 –
Contents
show vlan 513
Configuring IEEE 802.1Q Tunneling 514
dot1q-tunnel system-tunnel-control 515
dot1q-tunnel tpid 516
switchport dot1q-tunnel mode 517
switchport dot1q-tunnel service match cvid 518
show dot1q-tunnel 520
Configuring L2CP Tunneling 521
l2protocol-tunnel tunnel-dmac 521
switchport l2protocol-tunnel 524
show l2protocol-tunnel 525
Configuring Protocol-based VLANs 525
protocol-vlan protocol-group (Configuring Groups) 526
protocol-vlan protocol-group (Configuring Interfaces) 527
show protocol-vlan protocol-group 528
show interfaces protocol-vlan protocol-group 528
Configuring IP Subnet VLANs 529
subnet-vlan 530
show subnet-vlan 531
Configuring MAC Based VLANs 531
mac-vlan 532
show mac-vlan 533
Configuring Voice VLANs 533
voice vlan 534
voice vlan aging 535
voice vlan mac-address 536
switchport voice vlan 537
switchport voice vlan priority 537
switchport voice vlan rule 538
19 Class of Service Commands 541
Priority Commands (Layer 2) 541
switchport voice vlan security 539
show voice vlan 539
queue mode 542
– 29 –
Contents
queue weight 543
switchport priority default 544
show queue mode 545
show queue weight 545
Priority Commands (Layer 3 and 4) 546
qos map cos-dscp 546
qos map dscp-mutation 548
qos map phb-queue 549
qos map trust-mode 550
show qos map cos-dscp 551
show qos map dscp-mutation 551
show qos map phb-queue 552
show qos map trust-mode 552
20 Quality of Service Commands 553
class-map 554
description 555
match 556
rename 557
policy-map 557
class 558
police flow 559
police srtcm-color 561
police trtcm-color 563
set cos 565
set ip dscp 566
set phb 567
service-policy 568
show class-map 569
show policy-map 569
21 Multicast Filtering Commands 571
IGMP Snooping 572
show policy-map interface 570
ip igmp snooping 573
ip igmp snooping priority 574
– 30 –
Loading...