Avaya Bsg8 12 1 0 Users Manual BSG8_12 Command Reference
2015-06-01
: Avaya Avaya-Bsg8-12-1-0-Users-Manual-736504 avaya-bsg8-12-1-0-users-manual-736504 avaya pdf
Open the PDF directly: View PDF .
Page Count: 862
Download | |
Open PDF In Browser | View PDF |
Commands Reference BSG8ew 1.0 and BSG12ew/aw/tw 1.0 Business Services Gateway Document Status: Standard Document Number: NN47928-100 Document Version: 02.02 Date: September 2008 Copyright © 2007–2008 Nortel Networks, All Rights Reserved All rights reserved. The information in this document is subject to change without notice. The statements, configurations, technical data, and recommendations in this document are believed to be accurate and reliable, but are presented without express or implied warranty. Users must take full responsibility for their applications of any products specified in this document. The information in this document is proprietary to Nortel Networks. Trademarks Nortel, the Nortel logo, and the Globemark are trademarks of Nortel Networks. Microsoft, MS, MS-DOS, Windows, and Windows NT are trademarks of Microsoft Corporation. All other trademarks and registered trademarks are the property of their respective owners. Contents 3 Contents New in this release. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Layer 2 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Layer 3 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 BSG commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Wireless commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 How to get help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Getting Help from the Nortel Web site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Getting Help over the phone from a Nortel Solutions Center . . . . . . . . . . . . . . . . . . . 29 Getting Help from a specialist by using an Express Routing Code . . . . . . . . . . . . . . . 29 Getting Help through a Nortel distributor or reseller . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Logging on to the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Layer 2 command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 Command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 Protocol-specific modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Layer 3 command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Protocol Independent Multicast component mode . . . . . . . . . . . . . . . . . . . . . . . . 37 Router configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 VRRP router configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 VRRP interface configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Technical Report 69 mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Hierarchy of command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 Using command modes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Privileged Exec mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Global configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Interface configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 Config-VLAN mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 Line configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 Layer 2 commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 Spanning Tree Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 clear spanning-tree counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 clear spanning-tree detected protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 debug spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Commands Reference 4 Contents revision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52 show spanning-tree bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53 show spanning-tree—detail, active . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 show spanning-tree interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 show spanning-tree—summary, blockedports, pathcost . . . . . . . . . . . . . . . . . . . 56 show spanning-tree mst—CIST or specified mst Instance . . . . . . . . . . . . . . . . . . 57 show spanning-tree mst configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 show spanning-tree mst—common internal spanning tree or specified mst instance 59 show spanning-tree mst—port-specific configuration . . . . . . . . . . . . . . . . . . . . . . 60 show spanning-tree root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 shutdown spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 spanning-tree priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 spanning-tree compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 spanning-tree mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 spanning-tree auto-edge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 spanning-tree mst configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 spanning-tree mst hello-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 spanning-tree mst max-hops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 spanning-tree pathcost dynamic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 spanning-tree path cost method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 spanning-tree - Properties of an interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 spanning-tree mst - Properties of an interface for MSTP . . . . . . . . . . . . . . . . . . . 74 spanning-tree timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 spanning-tree transmit hold-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76 Port based network access control commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77 aaa authentication dot1x default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 debug dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 dot1x access-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 dot1x control-direction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 dot1x default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 dot1x init-session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 dot1x init-session-reauth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 dot1x auth-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 dot1x local-database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 dot1x max-req . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 dot1x max-start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 dot1x port-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 dot1x re-authenticate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 dot1x reauthentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 dot1x system-auth-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 dot1x timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 NN47928-100 Contents 5 set nas-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 show dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 shutdown dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Remote Authentication Dial-in User Service commands . . . . . . . . . . . . . . . . . . . . . . . 98 debug radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 radius-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 show radius server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 show radius statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 TACACS commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 debug tacacs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 show tacacs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105 tacacs-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 tacacs-server retransmit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 tacacs use-server address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 Internet Group Management Protocol snooping commands . . . . . . . . . . . . . . . . . . . 109 debug ip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 ip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111 ip igmp snooping fast-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112 ip igmp snooping group-query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 ip igmp snooping mrouter-time-out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 ip igmp snooping port-purge-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 ip igmp snooping proxy-reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117 ip igmp snooping querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 ip igmp snooping query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 ip igmp snooping report-forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120 ip igmp snooping report-suppression-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 ip igmp snooping retry-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 ip igmp snooping version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 show ip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124 show ip igmp snooping forwarding-database . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 show ip igmp snooping globals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 show ip igmp snooping groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 show ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 show ip igmp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 shutdown snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 snooping multicast-forwarding-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Syslog commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 clear logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 cmdbuffs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134 logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135 mailserver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 Commands Reference 6 Contents receiver mail-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 sender mail-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 show email alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140 show logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 Secure Shell commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 debug ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 ip ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 show ip ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 Secure Sockets Layer commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 debug ssl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 ip http secure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148 show ip http secure server status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 show ssl server-cert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 ssl gen cert-req algo rsa sn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 ssl server-cert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 System feature commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 archive download-sw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 archive select . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 authorized-manager ip-source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 base-mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 cli console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160 clock set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 copy-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163 copy logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 copy startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165 debug-logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 default ip address allocation protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 default management port ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 default mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169 default restore-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170 default tr69 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 default vlan mgmt port ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 disable login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 dump network status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174 enable login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 flowcontrol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 jumbo frame support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181 ip address—DHCP, RARP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 NN47928-100 Contents 7 ip address negotiated . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 ip http port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184 login authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 mac-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 mtu frame size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 network-type wan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 private link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 prompt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190 set bootdelay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 set ip http . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 show authorized-managers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193 show clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 show debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195 show debug-logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196 show files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 show flow-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 show http server status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199 show ip interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 show interface mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 show interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 show interfaces—counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 show management vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205 show nvram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 show running config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 show sub-system information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208 show system information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 show tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 show uplink rate-limit status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211 shutdown—physical/VLAN/port-channel/tunnel/PPP Interface . . . . . . . . . . . . . . 212 snmp trap link-status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 switch name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214 switchport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215 system set factory default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216 tunnel checksum . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 tunnel mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218 tunnel path-mtu-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219 tunnel udlr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220 uplink rate limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221 uplink rate limit enable / disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222 write . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223 Power over Ethernet commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224 power inline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225 Commands Reference 8 Contents power inline priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 set poe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 show power detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228 show power inline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229 System commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231 clear screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232 close line vty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233 configure terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235 enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236 enable password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237 end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238 exec-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239 exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242 line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243 line configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244 listgroups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 listuser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246 lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247 logout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248 moduser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249 pagination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250 password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251 run script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252 show aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 show history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254 show line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255 show privilege . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256 show users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257 username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258 RMON commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259 rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260 rmon collection history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262 rmon collection stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263 rmon event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264 set rmon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 show rmon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266 Virtual local area network commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267 debug vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269 NN47928-100 Contents 9 group restricted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271 mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 mac-address-table static multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273 mac-address-table static unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275 map protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276 port protocol-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 protocol-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 set garp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280 set gmrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281 set gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282 set port gmrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283 set port gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284 show garp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285 show mac-address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286 show mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 show mac-address-table count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 show mac-address-table dynamic multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 show mac-address-table dynamic unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290 show mac-address-table static multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291 show mac-address-table static unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292 show protocol-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 show vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294 show vlan device capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295 show vlan device info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 show vlan port config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297 show vlan protocols-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298 shutdown garp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299 switchport acceptable-frame-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300 switchport ingress-filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 switchport map protocols-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302 switchport mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303 switchport priority default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304 switchport pvid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306 vlan map-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 vlan restricted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308 Dynamic host configuration protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309 DHCP client commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311 debug ip dhcp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311 ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312 release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 Commands Reference 10 Contents renew . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314 show ip dhcp client stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315 DHCP relay commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316 debug ip dhcp relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316 ip dhcp relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317 ip dhcp relay information option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318 ip dhcp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319 service dhcp-relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320 show dhcp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321 show ip dhcp relay information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322 show ip dhcp relay interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323 DHCP server commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324 debug ip dhcp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324 default-router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325 dns-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326 domain-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327 excluded-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 328 host hardware-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329 ip dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330 ip dhcp bootfile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331 ip dhcp device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332 ip dhcp next-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333 ip dhcp option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334 ip dhcp pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335 lease . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336 netbios-name-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337 netbios-node-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338 network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339 option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340 service dhcp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341 show ip dhcp server binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342 show ip dhcp server devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343 show ip dhcp server information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344 show ip dhcp server pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345 show ip dhcp server statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346 show snmp-server traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347 utilization threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348 Simple Network Management Protocol version 3 commands . . . . . . . . . . . . . . . . . . 349 show snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351 show snmp agent information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352 show snmp community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 show snmp engineID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354 NN47928-100 Contents 11 show snmp group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 show snmp group access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356 show snmp inform statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357 show snmp notif . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358 show snmp-server traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359 show snmp targetaddr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360 show snmp targetparam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361 show snmp user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362 show snmp viewtree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363 snmp agent status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364 snmp allowed version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365 snmp access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366 snmp community index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368 snmp engineid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 snmp group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371 snmp notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372 snmp-server enable traps snmp authentication . . . . . . . . . . . . . . . . . . . . . . . . . 373 snmp targetaddr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374 snmp targetparams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376 snmp user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 snmp view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 snmp-server enable traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380 system contact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381 system location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382 Layer 3 commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383 Internet Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384 arp timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386 arp—IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387 ip aggregate-route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388 ip arp max-retries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389 ip default-ttl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390 ip directed-broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391 ip echo-reply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392 ip mask-reply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393 ip path mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394 ip path mtu discover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395 ip rarp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396 ip rarp client request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397 ip redirects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398 ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399 ip routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400 ip unreachables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401 Commands Reference 12 Contents maximum-paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402 ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403 show ip arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404 show ip information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405 show ip pmtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406 show ip rarp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407 show ip traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 show ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409 traffic-share . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410 Internet Group Management Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 debug ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412 ip igmp immediate-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413 ip igmp last-member-query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414 ip igmp query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415 ip igmp query-max-response-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416 ip igmp robustness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 ip igmp static-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 ip igmp version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419 no ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420 set ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421 show ip igmp global-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422 show ip igmp groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423 show ip igmp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424 show ip igmp sources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425 show ip igmp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426 Route redistribution commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427 as-num . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428 default redistribute-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429 export ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430 redistribute-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431 router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432 show ip protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433 show redistribute information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434 show redistribute-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435 Virtual router redundancy protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436 debug VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437 interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438 router vrrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439 show vrrp —vrid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440 show vrrp interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441 vrrp-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 442 vrrp-ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443 NN47928-100 Contents 13 vrrp—preempt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444 vrrp—priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445 vrrp - text-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446 Routing Information Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447 auto-summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448 debug ip rip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 449 default-metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450 ip rip authentication mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451 ip rip default route originate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452 ip rip receive version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453 ip rip retransmission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454 ip rip security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455 ip rip send version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456 ip rip summary-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457 ip spilt-horizon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459 network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460 output-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461 passive-interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462 redistribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463 router rip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464 show ip rip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465 timers basic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466 Open Shortest Path First commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467 abr-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469 area—default cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470 area—nssa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471 area—range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472 area—stability-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474 area—stub . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475 area—translation-role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476 area—virtual-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477 ASBR Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479 compatible rfc1583 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 debug ip ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481 default-information originate always . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482 ip ospf authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483 ip ospf authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484 ip ospf cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485 ip ospf dead-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486 ip ospf demand-circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487 ip ospf hello-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488 Commands Reference 14 Contents ip ospf message-digest-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 ip ospf network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490 ip ospf priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 ip ospf retransmit-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492 ip ospf transmit-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494 network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495 passive-interface default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496 passive-interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497 redistribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498 redist-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499 router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 500 router ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501 set nssa asbr-default-route translator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 502 show ip ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503 show ip ospf border-routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504 show ip ospf—database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 505 show ip ospf—database summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 506 show ip ospf interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507 show ip ospf neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 508 show ip ospf request-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509 show ip ospf retransmission-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510 show ip ospf route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511 show ip ospf—summary address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512 show ip ospf virtual-links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513 summary-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514 Session Initiation Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 516 add dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 518 add sipserver MaximumSimWANCallsAllowed . . . . . . . . . . . . . . . . . . . . . . . . . . 519 add subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520 bsg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 521 CDR Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522 delete dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523 delete sipserver MaximumSimWANCallsAllowed . . . . . . . . . . . . . . . . . . . . . . . . 524 delete subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525 dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 526 domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527 protocolheader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 528 proxypolicy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 529 registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530 reload dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531 set sipserver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532 NN47928-100 Contents 15 set sipserver BackupModeGlobalDialPlanName . . . . . . . . . . . . . . . . . . . . . . . . 533 set sipserver—Brief / Detailed Traces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534 set sipserver CDRDirectoryPath . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535 set sipserver CDRGeneration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536 set sipserver DNSLookupTimeOut . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 537 set sipserver domain name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 538 set sipserver Dynamic Subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539 set sipserver EnableSessionTimerRangeValidations . . . . . . . . . . . . . . . . . . . . . 540 set sipserver ForkingPolicy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541 set sipserver –max/min/default timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 542 set sipserver - MaximumRegistrationPeriod . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543 set sipserver MaximumSimWANCallsAllowed . . . . . . . . . . . . . . . . . . . . . . . . . . 544 set sipserver MinimumRegistrationPeriod . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545 set sipserver NormalModeGlobalDialPlanName . . . . . . . . . . . . . . . . . . . . . . . . . 546 set sipserver OrganizationHeader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 547 set sipserver PolledServers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548 set sipserver ServerHeader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 549 set sipserver SIP Message Dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550 set sipserver TFTPServerAddress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 551 set sipserver - timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552 show sipserver ActiveWANCallCount . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 554 show sipserver CDRDirectoryPath . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555 show sipserver CDRGeneration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556 show sipserver dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 557 show sipserver DynamicSubscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558 show sipserver NormalModeGlobalDialPlanName . . . . . . . . . . . . . . . . . . . . . . . 559 show sipserver OrganizationHeader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 560 show sipserver - Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561 show sipserver - Registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 562 show sipserver –scope bsg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 563 show sipserver serverdomainname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 564 show sipserver – Session Timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 565 show sipserver status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566 show sipserver subscriber details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 567 show sipserver TFTPServerAddress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 568 show sipserver - Timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 569 show sipserver - Traces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 570 sip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571 sip – enable/disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572 timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 573 trace sip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 574 traces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575 Commands Reference 16 Contents transport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576 update subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 577 Linux tunnel commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 578 clear dns—server cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579 copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 580 copy ftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581 debug linuxtun . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 582 dns-server forwarder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583 dns-server forwarder – enable/disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584 dns-server forwarder zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585 set dns—server cache timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 586 show dns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587 show tftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 588 telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589 tftp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590 tftp-server topdir . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 591 BSG commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 593 Firewall commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 594 access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 596 clear global statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 597 clear interface statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 598 commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 600 dmz . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 601 enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602 filter add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 603 firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 604 icmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 605 icmp inspect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 606 ip filter fragments large . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607 ip inspect option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608 ip inspect tcp enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 609 ip inspect tcp half open . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 610 ip inspect tcp syn wait . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 611 ip verify reverse path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 612 netbios filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 613 no filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 614 show firewall access-lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615 show firewall config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 616 show firewall dmz host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 617 show firewall filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 618 show firewall half open connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 619 NN47928-100 Contents 17 show firewall interface config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 620 show firewall interface statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621 show firewall logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 622 show firewall stateful table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623 show firewall stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624 show url filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 625 trap threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 626 untrusted port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627 url filter add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 628 url filter delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 629 url filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 630 Point-to-Point Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 631 debug ppp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632 keep-alive timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 633 layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 634 multilink-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 635 peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 636 ppp authenticate username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 637 ppp chap hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 638 ppp username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 639 uplink rate limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 640 Simple Network Time Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 641 clock summer-time recurring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642 show sntp clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643 show sntp status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 644 sntp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 645 sntp authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 646 sntp—enable/disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 647 sntp no time zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 648 sntp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 649 sntp set poll-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 650 sntp time zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651 Network Address Translation commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 652 debug nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 653 disable virtual server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 654 enable virtual server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 655 interface nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 656 ip nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 657 ip nat pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 658 ip nat—timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 659 no virtual server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 660 portrange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661 Commands Reference 18 Contents port trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 662 show ip nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 663 show ip nat interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 664 show nat config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 665 show portrange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 666 show port trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 667 show port trigger reserved list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 668 show virtual servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 669 static nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 670 virtual server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671 Virtual private network policy commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 672 access list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 673 clear vpn logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 674 crypto ipsec mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 675 crypto key mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 676 crypto map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 677 crypto map - Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 678 crypto map ipsec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 679 ip ra-vpn pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 680 isakmp peer identity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 681 isakmp policy encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 682 ra-vpn username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 683 set local identity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 684 set peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 685 set session key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 686 set vpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 687 show crypto map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 688 show ra-vpn users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 689 show ra-vpn address-pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 690 show vpn config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691 show vpn global statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 692 show vpn IKE statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 693 show vpn logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694 show vpn remote—ids . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695 vpn remote identity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 696 Diffserv commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 697 class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 698 class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 699 no policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 701 police . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 702 policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 703 queue threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 704 NN47928-100 Contents 19 queue weight . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 705 set qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 706 set vlan traffic-classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 707 show class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 708 show policer statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 709 show policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 710 show qos default dhcp-dot1p mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 711 show qos status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 712 show queue stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 713 show queuing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 714 show vlan port config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 715 show vlan traffic-classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 716 shutdown qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717 switchport priority default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 718 vlan map—priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 719 vlan max-traffic-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 720 Access control list commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 721 deny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 722 mac access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 724 mac access-list extended . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 725 permit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 726 show access-lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 728 VOIP commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 729 reboot voip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 731 set country code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 732 set default codec type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 733 set default g723 encoding rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 734 set default silent suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 735 set digital dial timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 736 set dtmf relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 737 set dtmf rtp payload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 738 set fxo emergency-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 739 set fxo forward phone-no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 740 set fxo hook detect time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 741 set fxo channel-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 742 set fxo phone-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 743 set fxo ring count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 744 set fxs call-forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 745 set fxs call-forward number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 746 set fxs codec status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 747 set fxs codec type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 748 set fxs display-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 749 Commands Reference 20 Contents set fxs fax-option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 750 set fxs line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 751 set fxs mailbox number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 752 set fxs mailbox password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 753 set fxs ring type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 754 set fxs user-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 755 set fxs user-password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 756 set gmt-offset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 757 set ip tos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 758 set ip tos precedence option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 759 set mailbox ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 760 set pstn-gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 761 set voice mailbox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 762 show voip codec config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 763 show voip config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 764 show voip firmware version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 765 show voip status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 766 shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 767 voip1000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 768 Technical Report 069 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 769 acs url . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 770 connection request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 771 periodic inform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 772 periodic inform interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 773 send inform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 774 show mgmt server config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 775 show tr69 status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 776 tr69 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 777 Wireless commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 779 Wireless local area network commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 780 config ap country . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 782 config dot11—network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 783 config dot11 beaconperiod . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 784 config dot11 channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 785 config dot11 dtim . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 786 config dot11 fragmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 787 config dot11 mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 788 config dot11 preamble . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 789 config dot11 profile clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 790 config dot11 protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 791 config dot11 rts-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 792 config dot11 supported rates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 793 NN47928-100 Contents 21 config dot11 turbo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 794 config dot11 txpower . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 795 config dot11 wmm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 796 config dot11 wmm-acknowledge-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 797 config dot11 wmmparam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 798 config macfilter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 799 config wlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 800 config wlan broadcast-ssid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 801 config wlan create . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 802 config wlan delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 803 config wlan interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 804 config wlan mac-filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 805 config wlan pmksa timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 806 config wlan security auth-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 807 config wlan security cipher-suite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 808 config wlan security preauth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 809 config wlan security pre-shared-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 810 config wlan security static-wep-key encryption . . . . . . . . . . . . . . . . . . . . . . . . . . 811 config wlan wep default-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 812 debug wlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 813 no wlan static-wep-key encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 814 Variable definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 814 show AP status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 815 show client ap global . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 816 show dot11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 817 show mac-filter-info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 818 show wep default-key-info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 819 show wlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 820 Digital Subscriber Line commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 821 dsl operating-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 822 encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 823 qos set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 824 show dsl interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 825 show dsl interface pvc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 826 show dsl traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 827 traffic parameters set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 828 vpi value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 829 vci value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 830 T1/E1 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 831 cablelength long . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 832 cablelength short . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 833 channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 834 Commands Reference 22 Contents clear controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 835 clear controller statistics table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 836 clock source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 837 controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 838 controller mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 839 debug t1e1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 840 dump t1e1 sib-counter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 841 framing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 842 linecode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 843 line status change trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 844 loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 845 mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 846 sendcode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 847 show controllers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 848 show controller statistics interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 849 show controller statistics table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 850 show controllers t1e1 channel-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 851 vendorid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 852 Appendix A - Target based commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 853 negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 854 speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 855 duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 856 mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 857 databits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 858 parity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 859 speed - console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 860 stopbits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 861 NN47928-100 23 New in this release This section details what is new in the Commands Reference guide for Business Services Gateway (BSG)8ew and BSG12ew/aw/tw 1.0. Features See the following sections for information about feature changes: • • • • Layer 2 commands (page 23) Layer 3 commands (page 23) BSG commands (page 24) Wireless commands (page 24) Layer 2 commands The following list provides the new layer 2 commands: • • • • • • • • • • • • • Spanning Tree Protocol commands (page 24) Port based network access control commands (page 24) Remote authentication dial-in user service commands (page 24) Link aggregation commands (page 24) Syslog commands (page 25) Secure shell commands (page 25) Secure sockets layer commands (page 25) System feature commands (page 25) Power over Ethernet commands (page 25) System commands (page 25) Virtual local area network commands (page 25) Dynamic host configuration protocol commands (page 25) Simple network management protocol version 3 commands (page 26) Layer 3 commands The following list provides the new Layer 3 commands: • • • • • • Internet protocol commands (page 26) Internet group management protocol commands (page 26) Route redistribution commands (page 26) Virtual router redundancy protocol commands (page 26) Routing information protocol commands (page 26) Open shortest path first commands (page 26) Commands Reference 24 New in this release BSG commands The following list provides the new Business Service Gateway (BSG) commands: • • • • • • • Domain name server commands (page 26) Firewall commands (page 27) Point-to-point protocol commands (page 27) Simple network time protocol commands (page 27) Network address translation commands (page 27) Virtual private network policy commands (page 27) Remote access commands (page 27) Wireless commands The following list provides the new commands for Wireless CLI: • • • Wireless local area network commands (page 27) Digital subscriber line commands (page 27) T1/E1 commands (page 27) Spanning Tree Protocol commands Spanning tree protocol (STP) is a link management protocol. For more information, see Spanning Tree Protocol commands (page 44). Port based network access control commands Port-based network access control (PNAC) is a portable implementation of the IEEE Std 802.1x PNAC. For more information, see Port based network access control commands (page 77). Remote authentication dial-in user service commands Remote authentication dial-in user service (RADIUS) is a client/server protocol and software. For more information, see Remote Authentication Dial-in User Service commands (page 98). Link aggregation commands Link aggregation is a method of combining physical network links into a single logical link for increased bandwidth. Internet group management protocol snooping commands Internet group management protocol (IGMP) is the protocol a host uses to inform a router when it joins (or leaves) an Internet multicast group. For more information, see Internet Group Management Protocol snooping commands (page 109). NN47928-100 New in this release 25 Syslog commands Syslog is a protocol used for capturing log information for devices on a network. For more information, see Syslog commands (page 132). Secure shell commands Secure shell (SSH) is a protocol for secure remote logon and other secure network services over an insecure network. For more information, see Secure Shell commands (page 142). Secure sockets layer commands Secure sockets layer (SSL) is a protocol developed for transmitting private documents through the Internet. For more information, see Secure Sockets Layer commands (page 146). System feature commands SMB BSG 8x12 offers a set of system features, such as logon services, copying or writing facilities, and duplex negotiation support. For more information, see System feature commands (page 153). Power over Ethernet commands Power over Ethernet (PoE) technology is a system that transmits electrical power, along with data, to remote devices over standard twisted-pair cable in an Ethernet network. For more information, see Power over Ethernet commands (page 224). System commands Use the system commands to manage access permissions, mode access, and terminal configurations on BSG. For more information, see System commands (page 230). Virtual local area network commands Virtual local area network (VLAN) is a group of devices on different physical LAN segments, which communicate with each other as if they were all on the same physical LAN segment. For more information, see Virtual local area network commands (page 267). Dynamic host configuration protocol commands Dynamic host configuration protocol (DHCP) allows dynamic configuration of a host computer. For more information, see Dynamic host configuration protocol commands (page 309). Commands Reference 26 New in this release Simple network management protocol version 3 commands Simple network management protocol version 3 (SNMPv3) specifies a generic management framework, which is expandable for adding new management engines, security models, and access control models. For more information, see Simple Network Management Protocol version 3 commands (page 349). Internet protocol commands Internet protocol (IP) is an identifier for a computer or device on a transmission control protocol (TCP/IP) network. For more information, see Internet Protocol commands (page 384). Internet group management protocol commands Internet group management protocol (IGMP) reports group memberships to any immediate neighboring multicast router. For more information, see Internet Group Management Protocol commands (page 411). Route redistribution commands Route redistribution (RRD) allows different routing protocols to exchange routing information. For more information, see Route redistribution commands (page 427). Virtual router redundancy protocol commands Virtual router redundancy protocol (VRRP) is an election protocol that dynamically assigns responsibility for one or more virtual routers to the VRRP routers on a LAN. For more information, see Virtual router redundancy protocol commands (page 436). Routing information protocol commands Routing information protocol (RIP) is a protocol used for managing router information within a self-contained network. For more information, see Routing Information Protocol commands (page 447). Open shortest path first commands Open shortest path first (OSPF) protocol is an Interior Gateway Protocol (IGP) used for distributing routing information within a single autonomous system. For more information, see Open Shortest Path First commands (page 467). Domain name server commands Use domain name server (DNS) commands to configure the DNS. NN47928-100 New in this release 27 Firewall commands A firewall is a complete security solution. For more information, see Firewall commands (page 594). Point-to-point protocol commands The Point-to-point protocol (PPP) interface provides a point-to-point link between two communicating ends. For more information, see Point-to-Point Protocol commands (page 631). Simple network time protocol commands The simple network time protocol (SNTP) module synchronizes the time and date in BSG. For more information, see Simple Network Time Protocol commands (page 641). Network address translation commands Network address translation (NAT) provides a mechanism for a privately addressed network to access registered networks, such as the internet, without requiring a registered subnet address. For more information, see Network Address Translation commands (page 652). Virtual private network policy commands Virtual private network (VPN) policy commands are used to authenticate the VPN. For more information, see Virtual private network policy commands (page 672). Remote access commands The remote access commands are used to configure remote access settings. For more information, see Diffserv commands (page 697). Wireless local area network commands The wireless local area network (WLAN) module controls the configuration of the wireless access point (AP) connected to the Business Service Gateway (BSG). For more information, see Wireless local area network commands (page 780). Digital subscriber line commands The digital subscriber line (DSL) module controls the configuration and control of the DSL modem connected to the BSG. For more information, see Digital Subscriber Line commands (page 821). T1/E1 commands T1/E1 is a digital WAN carrier facility. For more information, see T1/E1 commands (page 831). Commands Reference 28 New in this release NN47928-100 29 How to get help This section explains how to get help for Nortel products and services. Getting Help from the Nortel Web site The best way to get technical support for Nortel products is from the Nortel Technical Support Web site: http://www.nortel.com/support This site provides quick access to software, documentation, bulletins, and tools to address issues with Nortel products. More specifically, the site enables you to: • download software, documentation, and product bulletins • search the Technical Support Web site and the Nortel Knowledge Base for answers to technical issues • sign up for automatic notification of new software and documentation for Nortel equipment • open and manage technical support cases Getting Help over the phone from a Nortel Solutions Center If you don’t find the information you require on the Nortel Technical Support Web site, and have a Nortel support contract, you can also get help over the phone from a Nortel Solutions Center. In North America, call 1-800-4NORTEL (1-800-466-7835). Outside North America, go to the following Web site to obtain the phone number for your region: http://www.nortel.com/callus Getting Help from a specialist by using an Express Routing Code To access some Nortel Technical Solutions Centers, you can use an Express Routing Code (ERC) to quickly route your call to a specialist in your Nortel product or service. To locate the ERC for your product or service, go to: http://www.nortel.com/erc Commands Reference 30 How to get help Getting Help through a Nortel distributor or reseller If you purchased a service contract for your Nortel product from a distributor or authorized reseller, contact the technical support staff for that distributor or reseller. NN47928-100 31 Introduction The Commands Reference guide describes the Layer 2, Layer 3, Business Service Gateway (BSG), and wireless command line interface (CLI) commands. Both the service providers and system administrators use the CLI commands. CLI is the interface to the software you use when you access the BSG. Install the BSG and configure it. If the installer does not have access to a network or a Web UI, they must configure the BSG using the CLI. You can access the CLI remotely through Telnet (with the Telnet server on the equipment). Use secure shell for secure CLI access. With the CLI, you have more flexibility and control than with the Web user interface (UI). You can configure all of the available parameters in the CLI. But you cannot configure all the parameters in the Web UI. CLI is also faster than the GUI. Navigation • • • • • • Command modes (page 33) Layer 2 commands (page 43) Layer 3 commands (page 383) BSG commands (page 593) Wireless commands (page 779) Appendix A - Target based commands (page 853) Logging on to the CLI Use the following procedure to log on to the CLI using Telnet or SSH. Prerequisites • Use the web GUI to enable Telnet. Step Action 1 Launch the Telnet or SSH application from your PC. 2 When prompted, enter the IP address of the BSG you want to access. 3 Enter your user name. First time users must enter nnadmin for the user name. 4 Enter your password. First time users must enter PlsChgme! for the password. 5 The BSG# or command prompt appears. Commands Reference 32 Introduction NN47928-100 33 Command modes This section describes the command modes available in the Small and Medium Business (SMB) Business Services Gateway (BSG) 8ew and BSG12ew/aw/tw 1.0. Command modes navigation • • • Layer 2 command modes(page 34) Layer 3 command modes(page 37) Hierarchy of command modes(page 38) Commands Reference 34 Command modes Layer 2 command modes The following command modes are available in Layer 2: • • Command modes(page 34) Protocol-specific modes(page 35) Command modes Use Telnet or a Secure Shell (SSH) to access the command line interface (CLI). The following is a list of available modes when logon is complete: • • • • • User EXEC mode(page 34) Privileged EXEC mode(page 34) Global configuration mode(page 34) Interface configuration mode (page 34) Protocol-specific modes (page 35) User EXEC mode After you log on to the device, you are automatically in the User EXEC mode. Use the User EXEC commands to temporarily change terminal settings, perform basic tests, and list system information. Privileged EXEC mode Privileged access is password protected to prevent unauthorized use. The password is not displayed on the screen and is case-sensitive. The Privileged EXEC mode prompt is the device name followed by the pound (#) sign. Global configuration mode Global configuration commands can be executed at any level of the system. Interface configuration mode Use interface configuration commands to modify specific interface operations. These commands always follow the global configuration command, which defines the interface type: • • • • • • • Physical interface mode(page 35) Port channel interface mode(page 35) VLAN interface mode (page 35) Config VLAN mode(page 35) Tunnel interface mode(page 35) Out of band interface mode(page 35) PPP interface mode(page 35) NN47928-100 Command modes 35 Physical interface mode This is a sub-section of interface configuration mode. Use the physical interface mode to perform interface-specific operations. Use the exit command to return to the global configuration mode. Port channel interface mode Use the port channel interface mode to perform port-channel specific operations. Use the exit command to return to the global configuration mode. VLAN interface mode Use the VLAN interface mode to perform Layer 3 internet protocol/virtual local area network (L3-IPVLAN) specific operations. Use the exit command to return to the global configuration mode. Config VLAN mode Use this mode to configure VLAN properties. Tunnel interface mode Use the tunnel interface mode to perform tunnel-specific operations. Use the exit command to return to the global configuration mode. Out of band interface mode Use the out of band (OOB) interface mode to perform OOB-specific operations. Use exit to return to the global configuration mode. PPP interface mode Use the PPP interface mode to perform PPP-specific operations. Use exit to return to the global configuration mode Protocol-specific modes Use Telnet or a Secure Shell (SSH) to access the command line interface (CLI). The following is a list of available modes once logon is complete: • • • • • • MSTP configuration mode DiffSrv ClassMap configuration mode(page 36) DiffSrv Policy-Map configuration mode(page 36) DHCP pool configuration mode(page 36) ACL standard access list configuration mode(page 36) ACL MAC configuration mode(page 36) MSTP configuration mode Use this mode to configure the multiple spanning tree protocol (MSTP) specific parameters for the switch. Use the global configuration mode command spanning-tree mst configuration to enter the MSTP configuration mode. The prompt displayed at this mode is is(config-mst). Use the exit command to return to the global configuration mode. Commands Reference 36 Command modes DiffSrv ClassMap configuration mode Use the Diff ClassMap configuration mode to create a class map for matching the packets to the class whose index is specified and to enter the class-map configuration mode. Use the global configuration mode command class-mapto enter the DiffSvr Policy-Map configuration mode. The prompt displayed at this mode is iss(config-pmap)#. Use the exit command to return to the global configuration mode. DHCP pool configuration mode Use this mode to configure the network pool/host configurations of a subnet pool. Use the global configuration mode command ip dhcp pool to create a DHCP server address pool and place the user in the DHCP pool configuration mode. The prompt displayed at this mode is iss(dhcp-config)#. Use the exit command to return to the global configuration mode. ACL standard access list configuration mode Standard access lists create filters based on IP address and network mask only (Layer 3 filters only). Use the global configuration mode command ip access-list standard <(1-1000) to create IP access control lists (ACL) and enter the ACL standard access list configuration mode. The prompt displayed at this mode is iss(config-std-nacl)#. Use the exit command to return to the global configuration mode. ACL MAC configuration mode Use the ACL MAC configuration mode to create Layer 2 MAC ACLs and return the ACL MAC configuration mode to the user. Use the global configuration mode command mac access-list extended <(1-65535)> to enter the ACL MAC configuration mode. The prompt displayed at this mode is iss(config-ext-macl)#. Use the exit command to return to the global configuration mode. NN47928-100 Command modes 37 Layer 3 command modes The following command modes are available in Layer 3. • • • • Protocol Independent Multicast component mode(page 37) Router configuration mode(page 37) VRRP router configuration mode(page 37) VRRP interface configuration mode(page 37) Protocol Independent Multicast component mode Use the Protocol Independent Multicast (PIM) component mode to configure the PIM component. Use the global configuration mode command ip pim comp to enter the PIM component mode. Use the exit command to return to the global configuration mode. Router configuration mode Use the router configuration mode to configure the router protocol. Use the global configuration mode command router to enter the router configuration mode. The prompt displayed at this mode is bsg(config-router)#. Use the exit command to return to the global configuration mode or use the end command to exit to the Privileged EXEC mode. VRRP router configuration mode Use the VRRP router configuration mode to configure the virtual router. Use the global configuration mode command router vrrp to enter the virtual router redundancy protocol (VRRP) router configuration mode. Use the exit command to return to the global configuration mode or use the end command to exit to the Privileged EXEC mode. VRRP interface configuration mode Use this mode to configure the VRRP interfaces. Use the global configuration mode command interface Vlan to enter the VRRP router configuration mode. The prompt displayed at this mode is bsg(config-vrrp-if)#. Use the exit command to return to the VRRP router configuration mode or use the end command to exit to the Privileged EXEC mode. Technical Report 69 mode Use this mode to configure Technical Report (TR) 69 related parameters. Use the tr69 command from the config mode. Use the exit command to return to the config mode and end command to exit to the Privileged EXEC mode. Commands Reference 38 Command modes Hierarchy of command modes The following figures shows the hierarchy of command modes. NN47928-100 39 Using command modes The Command Line Interface (CLI) uses different command modes, depending on the type of operation that you are performing. Each command listed in this reference guide includes information about which command mode to use for that specific command. This chapter describes how to access the command modes available on the CLI. Each command mode has a specific prompt associated with it. The prompt indicates the current command mode: • • • • • bsg# indicates Privileged Exec mode bsg(config)# indicates Global Configuration mode bsg(config-if)# indicates Interface Configuration mode bsg(config-vlan)# indicates Config-VLAN mode bsg(config-line)# indicates Line Configuration mode Privileged Exec mode Use the Privileged Exec mode to configure general operating parameters on the BSG system. Using Privileged Exec mode Procedure steps Step Action 1 Log on to the BSG system using Telnet or SSH. 2 The CLI defaults to Privileged Exec mode. The prompt displayed for this mode is BSG#. 3 At the prompt, enter a command. 4 To exit this mode, enter logout. End Global configuration mode Use the Global Configuration mode to configure system-wide settings. Using Global configuration mode Procedure Steps Step Action Commands Reference 40 Using command modes 1 Log on to the BSG system using Telnet or SSH. 2 The CLI defaults to Privileged Exec mode. The prompt displayed for this mode is BSG#. 3 At the prompt, enter the following command: configure terminal. The system changes to Global Configuration mode, and displays the following prompt: BSG(config)# 4 At the prompt, enter a command. 5 Enter exit to return to the Privileged Exec mode. End Interface configuration mode Use the Interface Configuration mode to configure specific interface settings. Using Interface configuration mode Procedure steps Step Action 1 Log on to the BSG system using Telnet or SSH. 2 The CLI defaults to Privileged Exec mode. The prompt displayed for this mode is BSG#. 3 At the prompt, enter the following command: configure terminal. The system changes to Global Configuration mode, and displays the following prompt: BSG(config)# 4 At the prompt, enter the following command: interface The system changes to Interface Configuration mode, and displays the following prompt: BSG(config-if)# 5 Enter exit to return to Global Configuration mode. 6 Enter end to return to the Privileged Exec mode. End NN47928-100 Using command modes 41 Variable definitions This table describes the variables used in the Interface Configuration mode. Variable Value interface type Specifies the interface type. The interface type can be a gigabitethernet or a fastethernet interface. interface id Specifies the physical interface ID including type, slot and port number. The value is numeric. Example: 0/2 Config-VLAN mode Use the Config-VLAN mode to configure virtual LAN (VLAN) settings. Using Config-VLAN mode Procedure steps Step Action 1 Log on to the BSG system using Telnet or SSH. 2 The CLI defaults to Privileged Exec mode. The prompt displayed for this mode is BSG#. 3 At the prompt, enter the following command: configure terminal. The system changes to Global Configuration mode, and displays the following prompt: bsg(config)# 4 At the prompt, enter the following command: vlan The system changes to Config-VLAN mode, and displays the following prompt: bsg(config-vlan)# 5 Enter exit to return to Global Configuration mode. 6 Enter end to return to the Privileged Exec mode. End Variable Definitions This table describes the variables used in the Config-VLAN mode. Variable Value vlan id Specifies the number that identifies the VLAN. The value is numeric. Example: 5. Commands Reference 42 Using command modes Line configuration mode Use the Line Configuration mode to configure terminal line settings. Using Line configuration mode Procedure steps Step Action 1 Log on to the BSG system using Telnet or SSH. 2 The CLI defaults to Privileged Exec mode. The prompt displayed for this mode is bsg#. 3 At the prompt, enter the following command: configure terminal. The system changes to Global Configuration mode, and displays the following prompt: bsg(config)# 4 At the prompt, enter the following command: The system changes to Line Configuration mode, and displays the following prompt: bsg(config-line)# 5 Enter exit to return to Global Configuration mode. 6 Enter end to return to the Privileged Exec mode. End Variable definitions This table describes the variables used in the Line Configuration mode. Variable Value console Use when configuring lines that access the BSG through a console attached to the serial port. vty Use when configuring lines that access the BSG from a remote terminal using telnet or SSH. NN47928-100 43 Layer 2 commands This section describes the commands used in configuring the Layer 2 Command Line Interface (CLI). The CLI supports a simple logon authentication mechanism. The authentication is based on a user name and password you provide during logon. The root user is factory-programmed with the password admin123. Layer 2 commands navigation • • • • • • • • • • • • • • • • • Spanning Tree Protocol commands (page 44) Port based network access control commands (page 77) Remote Authentication Dial-in User Service commands (page 98) TACACS commands (page 103) Internet Group Management Protocol snooping commands (page 109) Syslog commands (page 132) Secure Shell commands (page 142) Secure Sockets Layer commands (page 146) System feature commands (page 153) Power over Ethernet commands (page 224) RMON commands (page 259) Virtual local area network commands (page 267) Dynamic host configuration protocol commands (page 309) DHCP client commands (page 311) DHCP relay commands (page 316) DHCP server commands (page 324) Simple Network Management Protocol version 3 commands (page 349) Commands Reference 44 Layer 2 commands Spanning Tree Protocol commands Spanning Tree Protocol (STP) is a link management protocol that provides path redundancy while preventing undesirable loops in the network that are created by multiple active paths between stations. To establish path redundancy, STP creates a tree that spans all the switches in an extended network, forcing redundant paths into a standby or blocked state. For proper functioning of an Ethernet network, only one active path must exist between two stations. Multiple active paths between stations in a bridged network can cause loops in which Ethernet frames can endlessly circulate. STP can logically break such loops and prevent looping traffic from clogging the network. The dynamic control of the topology provides continued network operation in the presence of redundant or unintended looping paths. STP navigation • • • • • • • • • • • • • • • • • • • • • • • • • • • clear spanning-tree counters (page 46) clear spanning-tree detected protocols (page 47) debug spanning-tree (page 48) instance (page 50) name (page 51) revision (page 52) show spanning-tree bridge (page 53) show spanning-tree—detail, active (page 54) show spanning-tree interface (page 55) show spanning-tree—summary, blockedports, pathcost (page 56) show spanning-tree mst configuration (page 58) show spanning-tree mst—common internal spanning tree or specified mst instance (page 59) show spanning-tree mst—port-specific configuration (page 60) show spanning-tree root (page 61) shutdown spanning-tree (page 62) spanning-tree (page 63) spanning-tree priority (page 64) spanning-tree compatibility (page 65) spanning-tree mode (page 66) spanning-tree auto-edge (page 67) spanning-tree mst configuration (page 68) spanning-tree mst hello-time (page 69) spanning-tree mst max-hops (page 70) spanning-tree path cost method (page 72) spanning-tree - Properties of an interface (page 73) spanning-tree mst - Properties of an interface for MSTP (page 74) spanning-tree timers (page 75) NN47928-100 Layer 2 commands • 45 spanning-tree transmit hold-count (page 76) Commands Reference 46 Layer 2 commands clear spanning-tree counters Use this command to reset all bridge-level and port-level statistics counters. Command mode Global configuration Syntax clear spanning-tree counters Related commands show spanning-tree interface show spanning-tree mst configuration NN47928-100 Layer 2 commands 47 clear spanning-tree detected protocols Use this command to restart the protocol migration process on all of the interfaces and force renegotiation with the neighboring switches. Command mode Privileged EXEC Syntax clear spanning-tree detected protocols [interface ] Variable definitions This table describes the variables used in the instance command. Variable Value interface Specifies the interface type and interface id. Related commands show spanning-tree interface show spanning-tree mst—port-specific configuration Commands Reference 48 Layer 2 commands debug spanning-tree Use this command to provide spanning tree debugging support. Precede this command with no to disable debugging. Command mode Privileged EXEC Syntax debug spanning-tree { all | errors |init-shut | management | memory | bpdu | events | timer | state-machine { port-info | port-receive | port-role-selection | role-transition | state-transition | protocol-migration | topology-change | port-transmit | bridge-detection } | redundancy | sem-variables} no debug spanning-tree {all | errors | init-shut | management | memory | bpdu | events | timer | state-machine {port-info | port-receive | port-role-selection | role-transition | state-transition | protocol-migration | topology-change | port-transmit | bridge-detection } | redundancy | sem-variables} Variable definitions The following table describes the variables used in debug spanning-tree command. Variable Value all Specifies all RSTP and MSTP debug messages. bpdu Specifies BPDU-related messages. bridge-detection Specifies bridge detection messages. errors Specifies error code debug messages. events Specifies events-related messages. init-shut Specifies initialize and shutdown debug messages. management Specifies management messages. Memory Specifies memory-related messages. port-info Specifies port information messages. port-receive Specifies port-received messages. port-role-selection Specifies port role selection messages. port-transmit Specifies port transmission messages. protocol-migration Specifies protocol migration messages. redundancy Specifies redundancy-related messages. role-transition Specifies role transition messages. NN47928-100 Layer 2 commands Variable Value sem-variables Specifies state-machine variables debug messages. state machine Specifies state-machine related debug messages. state-transition Specifies state transition messages. timer Specifies timer module messages. topology-change Specifies topology change messages. 49 Defaults Debugging is disabled Related commands show spanning-tree—summary, blockedports, pathcost Commands Reference 50 Layer 2 commands instance Use this command to map virtual local area networks (VLAN) to a multiple spanning tree (MST) instance. Precede this command with no to delete the instance and unmap specific VLANs from the MST instance. A single VLAN identified by VLAN ID number is specified by a range of VLANs separated by a hyphen, or a series of VLANs separated by a comma. Command mode MSTP configuration Syntax instance vlan no instance [vlan ] Variable definitions This table describes the variables used in the instance command. Variable Value instance-id(1-64) Specifies spanning tree instances. vlan-range Specifies VLAN range associated with a spanning tree instance. Defaults VLANs mapped for instance 0: 1–1024, 1025–2048, 2049–3072, 3073–4094 Related commands show spanning-tree mst configuration NN47928-100 Layer 2 commands 51 name Use this command to set the configuration name for the MST region. Precede this command with no to delete the configuration name. The name string is case sensitive. Command mode MSTP configuration Syntax name no name Variable definitions This table describes the variables used in the name command. Variable Value string(optional max length) Indicates maximum string length of 32 characters. Defaults The default configuration name is 00: 00: 00 :00: 00: 00: Related commands show spanning-tree mst configuration Commands Reference 52 Layer 2 commands revision Use this command to set the configuration revision number for the MST region. Precede this command with no to delete the configuration revision number. Command mode MSTP configuration Syntax revision no revision Variable definitions This table describes the variables used in the revision command. Variable Value Sets the configuration revision number. Defaults Configuration name is 0 Related commands show spanning-tree mst configuration NN47928-100 Layer 2 commands 53 show spanning-tree bridge Use this command to display spanning tree information. Command mode Privileged EXEC or User EXEC Syntax show spanning-tree bridge [{address | forward-time | hello-time | id | max-age | protocol | priority | detail }] Variable definitions This table describes the variables used in the show spanning-tree bridge command. Variable Value address Specifies bridge address. detail Displays bridge detail. forward-time Specifies bridge forward time. hello-time Specifies bridge hello time. id Specifies bridge ID. max-age Specifies bridge maximum age. priority Specifies bridge priority. protocol Specifies spanning tree protocol. Related commands show spanning-tree—detail, active spanning-tree mode spanning-tree timers Commands Reference 54 Layer 2 commands show spanning-tree—detail, active Use this command to display spanning tree information. Command mode Privileged and User EXEC Syntax show spanning-tree {detail [active] | active [detail] } Variable definitions This table describes the variables used in the show spanning-tree-detail, active command. Variable Value active Displays the bridge and details of the active ports (active ports are those ports that are participating in the spanning tree). detail Displays details about the port and bridge. These include designated bridge details, designated port details, timer values, and root bridge. Related commands show spanning-tree bridge show spanning-tree interface spanning-tree spanning-tree priority spanning-tree compatibility spanning-tree mode spanning-tree - Properties of an interface spanning-tree mst - Properties of an interface for MSTP spanning-tree timers spanning-tree transmit hold-count NN47928-100 Layer 2 commands 55 show spanning-tree interface Use this command to display spanning tree information. Command mode Privileged and User EXEC Syntax show spanning-tree interface [{cost | priority | portfast | rootcost | state | stats | detail}] Variable definitions This table describes the variables used in the show spanning-tree interface command. Variable Value cost Indicates spanning tree port cost. detail Displays details about the port and bridge. portfast Indicates spanning tree portfast state. priority Indicates spanning tree port priority. rootcost Indicates spanning tree rootcost (path cost to reach the root) value. state Indicates spanning tree state. stats Displays the input and output packets by switching path for the interface. Related commands clear spanning-tree counters clear spanning-tree detected protocols show spanning-tree—detail, active spanning-tree - Properties of an interface spanning-tree mst - Properties of an interface for MSTP Commands Reference 56 Layer 2 commands show spanning-tree—summary, blockedports, pathcost Use this command to display spanning tree information. This command holds good for both RSTP and MSTP. Command mode Privileged EXEC or User EXEC Syntax show spanning-tree [{summary | blockedports | pathcost method }] Variable definitions This table describes the variables used in the show spanning-tree—summary, blockedports, pathcost command. Variable Value blockedports Specifies blocked ports in the system. pathcost method Specifies pathcost method configured for a bridge. summary Displays summary of port states. Defaults Spanning tree is enabled with MSTP operating in the switch Related commands show spanning-tree bridge show spanning-tree interface spanning-tree spanning-tree priority spanning-tree compatibility spanning-tree mode spanning-tree path cost method spanning-tree - Properties of an interface spanning-tree mst - Properties of an interface for MSTP spanning-tree timers spanning-tree transmit hold-count NN47928-100 Layer 2 commands 57 show spanning-tree mst—CIST or specified mst Instance Use this command to display multiple spanning tree information for the Common Internal Spanning Tree (CIST) instance or specified MST instance. The MST option is available only when MSTP is the operational mode of the spanning tree. Command mode Privileged EXEC or User EXEC Syntax show spanning-tree mst [ ] [detail] Variable definitions This table describes the variables used in the show spanning-tree mst—CIST command. Variable Value instance-id Specifies the range of spanning tree instances. detail Specifies the spanning tree mst instance specific details. Related commands instance spanning-tree priority spanning-tree mst - Properties of an interface for MSTP Commands Reference 58 Layer 2 commands show spanning-tree mst configuration Use this command to display multiple spanning tree instance configuration. Command mode Privileged EXEC or User EXEC Syntax show spanning-tree mst configuration Related commands instance name revision NN47928-100 Layer 2 commands 59 show spanning-tree mst—common internal spanning tree or specified mst instance Use this command to display multiple spanning tree information for the Common Internal Spanning Tree (CIST) instance or specified MST instance. Command mode Privileged EXEC or User EXEC Syntax show spanning-tree mst [ ] [detail] Variable definitions This table describes the variables used in the show spanning-tree mst—common internal spanning tree or specified mst instance command. Variable Value detail Specifies spanning tree MST instance-specific details. instance-id Specifies range of spanning tree instances. Related commands instance spanning-tree priority spanning-tree mst - Properties of an interface for MSTP Commands Reference 60 Layer 2 commands show spanning-tree mst—port-specific configuration Use this command to display multiple spanning tree port-specific configuration. Command mode Privileged and User EXEC Syntax show spanning-tree mst [ ] interface [{stats | hello-time | detail }] Variable definitions This table describes the variables used in the show spanning-tree mst—port-specific configuration command. Variable Value detail Details multiple spanning tree port-specific configuration. hello-time Determines how often the switch broadcasts its hello message to other switches when it is the root of the spanning tree. instance-id Specifies the range of spanning tree instances. interface Details interface type and interface id. stats Displays the input and output packets by switching path for the interface. Related commands clear spanning-tree counters clear spanning-tree detected protocols instance show spanning-tree interface spanning-tree mst hello-time spanning-tree mst - Properties of an interface for MSTP spanning-tree - Properties of an interface NN47928-100 Layer 2 commands 61 show spanning-tree root Use this command to display spanning tree information. Command mode Privileged and User EXEC Syntax show spanning-tree root [{address | cost | forward-time | hello-time | id | max-age | port | priority | detail }] Variable definitions This table describes the variables used in the show spanning-tree root command. Variable Value address Specifies root bridge MAC address. cost Specifies cost value associated with the port. detail Displays details about the port and bridge. These include designated bridge details, designated port details, timer values, and root bridge. forward-time Specifies root bridge forward time hello-time Specifies root bridge hello time. id Specifies root bridge ID. max-age Specifies root bridge maximum age. port Specifies root port. priority Specifies root bridge priority. Related commands show spanning-tree—summary, blockedports, pathcost spanning-tree priority spanning-tree timers Commands Reference 62 Layer 2 commands shutdown spanning-tree Use this command to shut down spanning tree operation. MSTP and RSTP are mutually exclusive and hence the MSTP module must be shutdown to start the RSTP module. The bridge module must be enabled to start RSTP. Command mode Global configuration Syntax shutdown spanning-tree Defaults MSTP is started and enabled Related commands show spanning-tree—detail, active spanning-tree mode NN47928-100 Layer 2 commands 63 spanning-tree Use this command to enable the spanning tree operation. Precede this command with no to disable the spanning tree operation. Command mode Global configuration Syntax spanning-tree no spanning-tree Defaults Spanning tree enabled is MSTP Related commands show spanning-tree—summary, blockedports, pathcost Commands Reference 64 Layer 2 commands spanning-tree priority Use this command to set the bridge priority for the spanning tree in steps of 4096. Precede this command with no to set the bridge priority to the default value. Command mode Global configuration Syntax spanning-tree [mst ] priority no spanning-tree [mst (1-64)> priority] Variable definitions This table describes the variables used in the spanning-tree priority command. Variable Value mst Specifies the range of spanning tree instances. priority no spanning-tree mst hello-time Defaults Spanning-tree mst hello-time is 2 seconds Related commands show spanning-tree bridge Commands Reference 70 Layer 2 commands spanning-tree mst max-hops Use this command to set the maximum number of hops permitted in the MST. Precede this command with no to set the maximum number of hops permitted in the MST to the default value. The root switch of the instance always sends a BPDU with a cost of 0 and the hop count set to the maximum value. Command mode Global configuration Syntax spanning-tree mst max-hops no spanning-tree mst max-hops Variable definitions This table describes the variables used in the spanning-tree mst max-hops command. Variable Value hop-count <1-10> Specifies the number of hops in a region before the BDPU is discarded. Defaults 20 Related commands show spanning-tree mst configuration NN47928-100 Layer 2 commands 71 spanning-tree pathcost dynamic Use this command to set the maximum number of hops permitted in the MST. Precede this command with no to set the maximum number of hops permitted in the MST to the default value. The root switch of the instance always sends a BPDU with a cost of 0 and the hop count set to the maximum value. Command mode Global configuration Syntax spanning-tree pathcost dynamic no spanning-tree pathcost dynamic Defaults disabled Related commands spanning-tree path cost method spanning-tree compatibility spanning-tree - Properties of an interface spanning-tree mst - Properties of an interface for MSTP Commands Reference 72 Layer 2 commands spanning-tree path cost method Use this command to set the method to calculate the port path cost. Precede this command with no to set the method to calculate the port value to its default value. Command mode Global configuration Syntax spanning-tree pathcost method{long|short} no spanning-tree pathcost method Variable definitions This table describes the variables used in the spanning-tree path cost method command. Variable Value long Specifies 32-bit pathcost. short Specifies 16-bit pathcost. Defaults Long if MSTP or RSTP is running Short if STP compatible with RSTP is running Related commands show spanning-tree—summary, blockedports, pathcost NN47928-100 Layer 2 commands 73 spanning-tree - Properties of an interface Use this command to set the spanning tree properties of an interface. Precede this command with no to set the spanning tree properties of an interface to the default value. Command mode Interface configuration Syntax spanning-tree {cost | disable | link-type {point-to-point | shared } | portfast | port-priority } no spanning-tree {cost | disable | link-type | portfast | port-priority} Variable definitions This table describes the variables used in the spanning-tree - Properties of an interface command. Variable Value cost Specifies the pathcost value associated with the port. disable Disables the spanning tree on the port. link-type Specifies the link type. The link is either a point-to-point link or a shared LAN segment where another bridge is present. portfast Specifies that the port only has hosts connected and transitions to forwarding rapidly. port-priority Specifies the port priority value. Defaults cost 2000000 link-type shared portfast not in portfast mode port-priority 128 Related commands show spanning-tree interface Commands Reference 74 Layer 2 commands spanning-tree mst - Properties of an interface for MSTP Use this command to set the spanning tree properties of an interface for MSTP. Precede this command with no to set the spanning tree properties of an interface for MSTP to the default value. If all interfaces have the same priority value, the MST puts the interface with the lowest interface number in the forwarding state and blocks other interfaces Command mode Interface configuration Syntax spanning-tree {cost |disable|link-type{point-to-point|shared}|portfast|p ort-priority } no spanning-tree mst {cost|port-priority | disable} Variable definitions This table describes the variables used in the spanning-tree mst - Properties of an interface for MSTP command. Variable Value cost Specifies the pathcost value associated with the port. disable Disables the spanning tree on the port. instance-id(1-64) Specifies the range of spanning tree instances. port-priority Specifies port priority value. Defaults cost 2000000 port-priority 128 Related commands show spanning-tree interface show spanning-tree mst—port-specific configuration NN47928-100 Layer 2 commands 75 spanning-tree timers Use this command to set the spanning tree timers. Precede this command with no to set the spanning tree timers to default values. Command mode Global configuration Syntax spanning-tree {forward-time } no spanning-tree { forward-time | hello-time | max-age } Variables definitions This table describes the variables used in the spanning-tree timers command. Variable Value forward-time no spanning-tree transmit hold-count Variable definitions This table describes the variables used in the spanning-tree transmit hold-count command. Variable Value transmit hold-count Specifies the counter used to limit the maximum transmission rate of the switch. Defaults 6 Related commands show spanning-tree—summary, blockedports, pathcost NN47928-100 Layer 2 commands 77 Port based network access control commands Port based Network Access Control (PNAC) is a portable implementation of the IEEE Std 802.1x PNAC. It is used on both local area network (LAN) switches and wireless LAN access points to provide security services. When used in LAN switches, it offers access control to protected resources existing in the switched network. When used in WLAN access points, it provides authentication of the WLAN stations and improves the security by making use of the periodically exchanged key for encrypting data. PNAC can port to RTOS environments and interface to different switch hardware. Port based network access control commands navigation • • • • • • • • • • • • • • • • • • • aaa authentication dot1x default (page 78) debug dot1x (page 79) dot1x access-control (page 80) dot1x auth-mode (page 85) dot1x control-direction (page 81) dot1x default (page 82) dot1x init-session (page 83) dot1x init-session-reauth (page 84) dot1x local-database (page 86) dot1x max-req (page 87) dot1x max-start (page 88) dot1x port-control (page 89) dot1x re-authenticate (page 90) dot1x reauthentication (page 91) dot1x system-auth-control (page 92) dot1x timeout (page 93) set nas-id (page 95) show dot1x (page 96) shutdown dot1x (page 97) Commands Reference 78 Layer 2 commands aaa authentication dot1x default Use this command to enable the dot1x local authentication or Remote Authentication Dial In User Service (RADIUS) server based remote authentication method for all ports. Command mode Global configuration Syntax aaa authentication dot1x default {group radius | local} Variable definitions This table describes the variables used in the aaa authentication dot1x default command. Variable Value group radius Specifies RADIUS server based authentication local Specifies local authentication. Defaults local Related commands dot1x local-database radius-server host show dot1x NN47928-100 Layer 2 commands 79 debug dot1x Use this command to enable debugging of the dot1x module. Precede this command with no to disable debugging of dot1x module. Command mode Privileged EXEC Syntax debug dot1x {all | errors | events | packets | state-machine | redundancy} no debug dot1x {all | errors | events | packets | state-machine | redundancy} Variable definitions This table describes the variables used in the debug dot1x command. Variable Value all Specifies all dot1x debug messages. errors Specifies dot1x error code debug messages. events Specifies dot1x event debug messages. packets Specifies dot1x packet debug messages. redundancy Specifies redundancy related messages. state-machine Specifies state-machine related-event debug messages. Defaults Events debugging is enabled by default. Related commands show dot1x Commands Reference 80 Layer 2 commands dot1x access-control Use this command to configure the supplicant access control. Precede this command with no to set the access control to inactive. Command mode Interface configuration Syntax dot1x access-control {active|inactive} no dot1x access-control Variable definitions This table describes the variables used in the dotx access-control command. Variable Value active Set the port status as a combined port status of the authenticator and the supplicant. inactive Set the port status to the port status of the authenticator. Defaults Access control is inactive by default. Related commands show dot1x NN47928-100 Layer 2 commands 81 dot1x control-direction Use this command to configure port control direction. Precede this command with no to set the authenticator port control direction to both. Command mode Interface configuration Syntax dot1x control-direction {in|both} no dot1x control-direction Variable definitions This table describes the variables used in the dot1x control-direction command. Variable Value both Specifies that authentication control is imposed on both incoming and outgoing packets. in Specifies that authentication control is imposed only on the incoming packets. Defaults Control direction is both by default. Related commands show dot1x Commands Reference 82 Layer 2 commands dot1x default Use this command to configure dot1x with default values for this port. Command mode Interface configuration Syntax dot1x default Defaults Per-interface 802.1X protocol enable state Enabled (force-authorized) Periodic re authentication Disabled Number of seconds between re authentication attempts 3600 seconds Quiet period 60 seconds Retransmission time 30 seconds Maximum retransmission number 2 times Client timeout period 30 seconds tx period 30 seconds Authentication server timeout period 30 seconds Related commands show dot1x NN47928-100 Layer 2 commands 83 dot1x init-session Use this command to initiate dot1x authentication session. Command mode Global configuration mode Syntax dot1x init-session Variable definitions This table describes the variables used in the dot1x init-session command. Variable Value supp addr - aa.aa.aa.aa.aa.aa Specifies the supplicant address to initiate. Related commands show dot1x Commands Reference 84 Layer 2 commands dot1x init-session-reauth Use this command to initiate the dot1x reauthentication session. Command mode Global configuration mode Syntax dot1x init session-reauth Variable definitions This table describes the variable used in the dot1x init-session-reauth command. Variable Value supp addr - aa.aa.aa.aa.aa.aa Specifies the supplicant address to initiate. Related commands show dot1x NN47928-100 Layer 2 commands 85 dot1x auth-mode Use this command to configure the port authentication mode. Precede this command with no to set the port authentication mode to port based. Command mode Interface configuration mode Syntax dot1x auth-mode {port-based | mac-based} no dot1x auth-mode Variable definitions This table describes the variables used in the dot1x auth-mode command. Variable Value port-based Specifies the value to configure port-based authentication mode. mac-based Specifies the value to configure mac-based authentication mode. Related commands show dot1x Commands Reference 86 Layer 2 commands dot1x local-database Use this command to configure the dot1x authentication server database with user name and password. Precede this command with no to delete an entry from the dot1x authentication server database. Command mode Global configuration Syntax dot1x local-database password permission {allow | deny} [ ] [interface ] no dot1x local-database username Variable definitions This table describes the variables used in the dot1x local-database command. Variable Value auth-timeout Specifies the number of seconds between authentication attempts. interface Specifies the port list of the interface on which dot1x authentication can be applied. password Specifies the password. permission Specifies whether the user is allowed or denied access on a set of ports. username Specifies user name. Defaults permission allow interface-list all the physical interfaces Related commands aaa authentication dot1x default show dot1x NN47928-100 Layer 2 commands 87 dot1x max-req Use this command to set the maximum number of Extensible Authentication Protocol (EAP) retries to the client before restarting authentication process. Precede this command with no to set the maximum number of EAP retries to the client to default value. Command mode Interface configuration Syntax dot1x max-req no dot1x max-req Variable definitions This table describes the variables used in the dot1x max-req command. Variable Value count(1-10) Specifies number of EAP retries to the client. Defaults count 2 Related commands show dot1x Commands Reference 88 Layer 2 commands dot1x max-start Use this command to set the maximum number of EAP retries to the authenticator. Precede this command with no to set the maximum number of EAP retries to the authenticator to default value. Command mode Interface configuration Syntax dot1x max-start no dot1x max-start Variable definitions This table describes the variables used in the dot1x max-start command. Variable Value count(1-10) Specifies the number of EAP retries to the authenticator. Value ranges from 1 to 10. Defaults count NN47928-100 3 Layer 2 commands 89 dot1x port-control Use this command to configure the authenticator port control parameter. Precede this command with no to set the authenticator port control state to force authorized. Command mode Interface configuration Syntax dot1x port-control {auto|force-authorized|force-unauthorized} no dot1x port-control Variable definitions This table describes the variables used in the dot1x port-control command. Variable Value auto Enables 802.1x authentication on the interface and causes the port to transition to the authorized or unauthorized state based on the 802.1x authentication exchange between the server and the client. force-authorized All the traffic is allowed without any restrictions. force-unauthorized All the traffic over the interface will be blocked. Defaults Force-authorized is enabled Related commands dot1x default show dot1x Commands Reference 90 Layer 2 commands dot1x re-authenticate Use this command to initiate re-authentication of all dot1x-enabled ports or the specified dot1x-enabled port. Command mode Privileged EXEC Syntax dot1x re-authenticate [interface ] Variable definitions This table describes the variables used in the dot1x re-authenticate command. Variable Value interface Specifies port number of the interface to re-authenticate. Defaults dot1x is enabled by default. Related commands show dot1x NN47928-100 Layer 2 commands 91 dot1x reauthentication Use this command to enable periodic re-authentication from authenticator to client. Precede this command with no to disable periodic re-authentication from authenticator to client. Command mode Interface configuration Syntax dot1x reauthentication no dot1x reauthentication Defaults Periodic re-authentication is disabled Related commands dot1x default dot1x timeout show dot1x Commands Reference 92 Layer 2 commands dot1x system-auth-control Use this command to enable dot1x in the switch. Precede this command with no to disable dot1x in the switch Command mode Global configuration Syntax dot1x system-auth-control no dot1x system-auth-control Defaults dot1x is enabled Related commands show dot1x shutdown dot1x NN47928-100 Layer 2 commands 93 dot1x timeout Use this command to set the dot1x timers. Precede this command with no to set the dot1x timers to the default values. Command mode Interface configuration Syntax dot1x timeout {quiet-period | {reauth-period | server-timeout | supp-timeout | tx-period | start-period | held-period | auth-period } } no dot1x timeout {quiet-period | reauth-period | server-timeout | supp-timeout | tx-period | start-period | held-period | auth-period} Variable definitions This table describes the variables used in the dot1x timeout command. Variable Value auth-period Specifies the number of seconds that the supplicant waits before timing-out the authenticator. held-period Specifies the number of seconds that the supplicant waits before trying to acquire the authenticator. quiet-period Specifies the number of seconds that the switch remains in the quiet state following a failed authentication exchange with the client. reauth-period Specifies the number of seconds between re-authentication attempts. server-timeout Specifies the number of seconds that the switch waits for the retransmission of packets by the switch to the authentication server. start-period Specifies the number of seconds that the supplicant waits between successive retries to the authenticator. supp-timeout Specifies the number of seconds that the switch waits for the retransmission of packets by the switch to the client. tx-period Specifies the number of seconds that the switch waits for a response to an EAP-request/identity frame from the client before retransmitting the request. Commands Reference 94 Layer 2 commands Defaults quiet-period 60 seconds reauth-period 3600 seconds server-timeout 30 seconds supp-timeout 30 seconds tx-period 30 seconds start-period 30 seconds held-period 60 seconds auth-period 30 seconds Related commands dot1x default dot1x max-req dot1x reauthentication show dot1x NN47928-100 Layer 2 commands 95 set nas-id Use this command to set the dot1x network access server id. Command mode Global configuration Syntax set nas-id Variable definitions This table describes the variables used in the set nas-id command. Variable Value identifier Specifies the dot1x network access server ID of string length 16. Defaults fsNas1 Related commands show dot1x Commands Reference 96 Layer 2 commands show dot1x Use this command to display dot1x information. Command mode Privileged EXEC or User EXEC Syntax show dot1x [{interface | statistics interface | supplicant-statistics interface |local-database | mac-info [address ] |mac-statistics [address ] | all }] Variable definitions This table describes the variables used in the show dot1x command. Variable Value all Specifies the dot1x status for all interfaces. interface Specifies the dot1x status for the specified interface. local-database Specifies the dot1x authentication server database with user name and password. mac-info Specifies the dot1x MAC information for the interface with the specified MAC address. mac-statistics Specifies the dot1x MAC statistics for the interface with the specified MAC address. statistics interface Specifies the dot1x authenticator statistics for the switch or the specified interface. supplicant-statistics interface Specifies the dot1x supplicant statistics for the switch or the specified interface. Related commands dot1x default NN47928-100 Layer 2 commands 97 shutdown dot1x Use this command to shut down dot1x capability. Precede this command with no to start and enable dot1x capability. Command mode Global configuration Syntax shutdown dot1x no shutdown dot1x Related commands dot1x system-auth-control show dot1x Commands Reference 98 Layer 2 commands Remote Authentication Dial-in User Service commands Remote Authentication Dial-in User Service (RADIUS) is a client and server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. It is commonly used for embedded network devices such as routers, modem servers, and switches. RADIUS is the accepted standard for remote authentication. It is prevalent in both new and legacy systems and provides the following benefits: • • facilitates centralized user administration. consistently provides some level of protection against an active attacker. RADIUS commands navigation • • • • debug radius (page 99) radius-server host (page 100) show radius server (page 101) show radius statistics (page 102) NN47928-100 Layer 2 commands 99 debug radius Use this command to enable the RADIUS debugging options. Precede this command with no to disable the RADIUS debugging options. Command mode Privileged EXEC Syntax debug radius {all | errors | events | packets | responses | timers} no debug radius Variable definitions This table describes the variables used in the debug radius command. Variable Value all Enables all the RADIUS server messages. errors Enables error code debug messages. events Enables events related messages. packets Enables the packets related messages. responses Enables the server response related messages. timers Enables the timer related messages. Defaults Debugging is disabled Related commands show radius server Commands Reference 100 Layer 2 commands radius-server host Use this command to configure the RADIUS client with the parameters which include host, timeout, key, and retransmit. Precede this command with no to delete the RADIUS server configuration. Command mode Global configuration Syntax radius-server host [timeout <1-120>] [retransmit <1-254>] key no radius-server host Variable definitions This table describes the variables used in the radius-server host command. Variable Value timeout Specifies the time period in seconds for which a client will wait for a response from the server before re-transmitting the request. retransmit Specifies the maximum number of attempts the client undertakes to contact the server. key Specifies the per-server encryption key. Specifies the authentication and encryption key for all RADIUS communications between the authenticator and the RADIUS server. The string length is 46. Defaults timeout 10 seconds retransmit 3 attempts key empty string Related commands aaa authentication dot1x default show radius server show radius statistics NN47928-100 Layer 2 commands 101 show radius server Use this command to display RADIUS server configuration. Command mode Privileged EXEC or User EXEC Syntax show radius server Related commands radius-server host Commands Reference 102 Layer 2 commands show radius statistics Use this command to display RADIUS server statistics. Command mode Privileged EXEC or User EXEC Syntax show radius statistics Related commands radius-server host NN47928-100 Layer 2 commands 103 TACACS commands Terminal Access Controller Access Control System (TACACS) is a client and server protocol that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. Use this command to provide Network Access Security (NAS), which ensures secure access from remotely connected users. TACACS implements the TACACS client and provides the Authentication, Authorization, and Accounting (AAA) functionalities. TACACS commands navigation • • • • • debug tacacs (page 104) show tacacs (page 105) tacacs-server host (page 106) tacacs-server retransmit (page 107) tacacs use-server address (page 108) Commands Reference 104 Layer 2 commands debug tacacs Use this command to set the debug trace level for TACACS client module. Precede the command with no to disable the debug trace level for TACACS client module. Command mode Privileged EXEC mode Syntax debug tacacs { all | info | errors | dumptx | dumprx } no debug tacacs Variable definitions This table describes the variables used in the debug tacacs command. Variable Value all Displays all TACACS debug messages. info Displays TACACS server information messages. errors Displays error code debug messages. dumptx Displays transmitted packet dump messages. dumprx Displays received packet dump messages. Defaults Debugging is disabled NN47928-100 Layer 2 commands 105 show tacacs Use this command to view the statistical log information and server for TACACS+ client. Command mode Privileged EXEC or User EXEC Syntax show tacacs Related commands show tacacs tacacs use-server address Commands Reference 106 Layer 2 commands tacacs-server host Use this command to configure host, timeout, and key in the TACACS server. Precede this command with no to delete the server entry from the TACACS server table. Command mode Global configuration mode. Syntax tacacs-server host [single-connection] [port ] [timeout