Avaya Bsg8 12 1 0 Users Manual BSG8_12 Command Reference

2015-06-01

: Avaya Avaya-Bsg8-12-1-0-Users-Manual-736504 avaya-bsg8-12-1-0-users-manual-736504 avaya pdf

Open the PDF directly: View PDF PDF.
Page Count: 862

DownloadAvaya Avaya-Bsg8-12-1-0-Users-Manual- BSG8_12 Command Reference Avaya-bsg8-12-1-0-users-manual
Open PDF In BrowserView PDF
Commands Reference

BSG8ew 1.0 and BSG12ew/aw/tw 1.0
Business Services Gateway
Document Status: Standard
Document Number: NN47928-100
Document Version: 02.02
Date: September 2008

Copyright © 2007–2008 Nortel Networks, All Rights Reserved
All rights reserved.
The information in this document is subject to change without notice. The statements, configurations, technical data, and
recommendations in this document are believed to be accurate and reliable, but are presented without express or implied
warranty. Users must take full responsibility for their applications of any products specified in this document. The
information in this document is proprietary to Nortel Networks.

Trademarks
Nortel, the Nortel logo, and the Globemark are trademarks of Nortel Networks.
Microsoft, MS, MS-DOS, Windows, and Windows NT are trademarks of Microsoft Corporation.
All other trademarks and registered trademarks are the property of their respective owners.

Contents

3

Contents
New in this release. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Layer 2 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Layer 3 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
BSG commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Wireless commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

How to get help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Getting Help from the Nortel Web site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Getting Help over the phone from a Nortel Solutions Center . . . . . . . . . . . . . . . . . . . 29
Getting Help from a specialist by using an Express Routing Code . . . . . . . . . . . . . . . 29
Getting Help through a Nortel distributor or reseller . . . . . . . . . . . . . . . . . . . . . . . . . . 30

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Logging on to the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Layer 2 command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Protocol-specific modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Layer 3 command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Protocol Independent Multicast component mode . . . . . . . . . . . . . . . . . . . . . . . . 37
Router configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
VRRP router configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
VRRP interface configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Technical Report 69 mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Hierarchy of command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Using command modes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Privileged Exec mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Global configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Interface configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Config-VLAN mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Line configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Layer 2 commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Spanning Tree Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
clear spanning-tree counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
clear spanning-tree detected protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
debug spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Commands Reference

4

Contents

revision . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
show spanning-tree bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
show spanning-tree—detail, active . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
show spanning-tree interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
show spanning-tree—summary, blockedports, pathcost . . . . . . . . . . . . . . . . . . . 56
show spanning-tree mst—CIST or specified mst Instance . . . . . . . . . . . . . . . . . . 57
show spanning-tree mst configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
show spanning-tree mst—common internal spanning tree or specified mst instance 59
show spanning-tree mst—port-specific configuration . . . . . . . . . . . . . . . . . . . . . . 60
show spanning-tree root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
shutdown spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
spanning-tree priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
spanning-tree compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
spanning-tree mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
spanning-tree auto-edge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
spanning-tree mst configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
spanning-tree mst hello-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
spanning-tree mst max-hops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
spanning-tree pathcost dynamic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
spanning-tree path cost method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
spanning-tree - Properties of an interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
spanning-tree mst - Properties of an interface for MSTP . . . . . . . . . . . . . . . . . . . 74
spanning-tree timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
spanning-tree transmit hold-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Port based network access control commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
aaa authentication dot1x default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
debug dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
dot1x access-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
dot1x control-direction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
dot1x default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
dot1x init-session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
dot1x init-session-reauth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
dot1x auth-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
dot1x local-database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
dot1x max-req . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
dot1x max-start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
dot1x port-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
dot1x re-authenticate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
dot1x reauthentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
dot1x system-auth-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
dot1x timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93

NN47928-100

Contents

5

set nas-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
show dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
shutdown dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Remote Authentication Dial-in User Service commands . . . . . . . . . . . . . . . . . . . . . . . 98
debug radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
radius-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
show radius server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
show radius statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
TACACS commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
debug tacacs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
show tacacs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
tacacs-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
tacacs-server retransmit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
tacacs use-server address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
Internet Group Management Protocol snooping commands . . . . . . . . . . . . . . . . . . . 109
debug ip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
ip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
ip igmp snooping fast-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
ip igmp snooping group-query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
ip igmp snooping mrouter-time-out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
ip igmp snooping port-purge-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
ip igmp snooping proxy-reporting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
ip igmp snooping querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
ip igmp snooping query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
ip igmp snooping report-forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
ip igmp snooping report-suppression-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
ip igmp snooping retry-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
ip igmp snooping version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
show ip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
show ip igmp snooping forwarding-database . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
show ip igmp snooping globals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
show ip igmp snooping groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
show ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
show ip igmp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
shutdown snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
snooping multicast-forwarding-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Syslog commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
clear logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
cmdbuffs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
mailserver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

Commands Reference

6

Contents

receiver mail-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
sender mail-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
show email alerts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
show logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Secure Shell commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
debug ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
ip ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
show ip ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Secure Sockets Layer commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
debug ssl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
ip http secure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
show ip http secure server status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
show ssl server-cert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
ssl gen cert-req algo rsa sn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
ssl server-cert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
System feature commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
archive download-sw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
archive select . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
authorized-manager ip-source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
base-mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
cli console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
clock set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
copy-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
copy logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
copy startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
debug-logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
default ip address allocation protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
default management port ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
default mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
default restore-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
default tr69 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
default vlan mgmt port ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
disable login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
dump network status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
enable login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
flowcontrol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
jumbo frame support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
ip address—DHCP, RARP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

NN47928-100

Contents

7

ip address negotiated . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
ip http port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
login authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
mac-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
mtu frame size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
network-type wan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
private link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
prompt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
set bootdelay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
set ip http . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
show authorized-managers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193
show clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
show debugging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
show debug-logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
show files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
show flow-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
show http server status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
show ip interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
show interface mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
show interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
show interfaces—counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
show management vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
show nvram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
show running config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
show sub-system information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
show system information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
show tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
show uplink rate-limit status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
shutdown—physical/VLAN/port-channel/tunnel/PPP Interface . . . . . . . . . . . . . . 212
snmp trap link-status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
switch name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
switchport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
system set factory default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
tunnel checksum . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
tunnel mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
tunnel path-mtu-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
tunnel udlr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
uplink rate limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
uplink rate limit enable / disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
write . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223
Power over Ethernet commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
power inline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225

Commands Reference

8

Contents

power inline priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
set poe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
show power detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
show power inline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
System commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230
alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
clear screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
close line vty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
configure terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
enable password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
exec-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
line configuration mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
listgroups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
listuser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246
lock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
logout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
moduser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
pagination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
run script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
show aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
show history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
show line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
show privilege . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256
show users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
RMON commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
rmon collection history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
rmon collection stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
rmon event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264
set rmon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
show rmon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Virtual local area network commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
debug vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269

NN47928-100

Contents

9

group restricted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
mac-address-table static multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
mac-address-table static unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
map protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
port protocol-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277
ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
protocol-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
set garp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
set gmrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
set gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
set port gmrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
set port gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
show garp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285
show mac-address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
show mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
show mac-address-table count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
show mac-address-table dynamic multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
show mac-address-table dynamic unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
show mac-address-table static multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
show mac-address-table static unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
show protocol-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
show vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
show vlan device capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
show vlan device info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
show vlan port config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
show vlan protocols-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
shutdown garp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
switchport acceptable-frame-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300
switchport ingress-filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
switchport map protocols-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
switchport mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303
switchport priority default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304
switchport pvid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306
vlan map-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
vlan restricted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Dynamic host configuration protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309
DHCP client commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311
debug ip dhcp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311
ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312
release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313

Commands Reference

10

Contents

renew . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
show ip dhcp client stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315
DHCP relay commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316
debug ip dhcp relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316
ip dhcp relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
ip dhcp relay information option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318
ip dhcp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319
service dhcp-relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320
show dhcp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321
show ip dhcp relay information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322
show ip dhcp relay interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323
DHCP server commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324
debug ip dhcp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324
default-router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
dns-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
domain-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
excluded-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 328
host hardware-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
ip dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330
ip dhcp bootfile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
ip dhcp device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332
ip dhcp next-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
ip dhcp option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334
ip dhcp pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335
lease . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336
netbios-name-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337
netbios-node-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338
network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339
option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340
service dhcp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
show ip dhcp server binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
show ip dhcp server devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
show ip dhcp server information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344
show ip dhcp server pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
show ip dhcp server statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
show snmp-server traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
utilization threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348
Simple Network Management Protocol version 3 commands . . . . . . . . . . . . . . . . . . 349
show snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
show snmp agent information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352
show snmp community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
show snmp engineID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354

NN47928-100

Contents

11

show snmp group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
show snmp group access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
show snmp inform statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
show snmp notif . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
show snmp-server traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
show snmp targetaddr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
show snmp targetparam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361
show snmp user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
show snmp viewtree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
snmp agent status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
snmp allowed version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
snmp access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
snmp community index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
snmp engineid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370
snmp group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
snmp notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
snmp-server enable traps snmp authentication . . . . . . . . . . . . . . . . . . . . . . . . . 373
snmp targetaddr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
snmp targetparams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376
snmp user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
snmp view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
snmp-server enable traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380
system contact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381
system location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382

Layer 3 commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383
Internet Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384
arp timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
arp—IP address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
ip aggregate-route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
ip arp max-retries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389
ip default-ttl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
ip directed-broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391
ip echo-reply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
ip mask-reply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
ip path mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
ip path mtu discover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
ip rarp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396
ip rarp client request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397
ip redirects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398
ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
ip routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400
ip unreachables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401

Commands Reference

12

Contents

maximum-paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403
show ip arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404
show ip information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405
show ip pmtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406
show ip rarp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407
show ip traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
show ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
traffic-share . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Internet Group Management Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 411
debug ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
ip igmp immediate-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
ip igmp last-member-query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
ip igmp query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
ip igmp query-max-response-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416
ip igmp robustness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
ip igmp static-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
ip igmp version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419
no ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420
set ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421
show ip igmp global-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422
show ip igmp groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423
show ip igmp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424
show ip igmp sources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425
show ip igmp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426
Route redistribution commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427
as-num . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428
default redistribute-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429
export ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430
redistribute-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431
router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432
show ip protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433
show redistribute information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434
show redistribute-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435
Virtual router redundancy protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436
debug VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437
interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438
router vrrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
show vrrp —vrid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440
show vrrp interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441
vrrp-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 442
vrrp-ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443

NN47928-100

Contents

13

vrrp—preempt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444
vrrp—priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445
vrrp - text-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446
Routing Information Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447
auto-summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448
debug ip rip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 449
default-metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450
ip rip authentication mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451
ip rip default route originate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452
ip rip receive version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453
ip rip retransmission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
ip rip security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455
ip rip send version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456
ip rip summary-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457
ip spilt-horizon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458
neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459
network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460
output-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461
passive-interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462
redistribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463
router rip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
show ip rip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
timers basic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466
Open Shortest Path First commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
abr-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
area—default cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
area—nssa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471
area—range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472
area—stability-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
area—stub . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
area—translation-role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476
area—virtual-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477
ASBR Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479
compatible rfc1583 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480
debug ip ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481
default-information originate always . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
ip ospf authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483
ip ospf authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484
ip ospf cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485
ip ospf dead-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486
ip ospf demand-circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487
ip ospf hello-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488

Commands Reference

14

Contents

ip ospf message-digest-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
ip ospf network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
ip ospf priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
ip ospf retransmit-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492
ip ospf transmit-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493
neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495
passive-interface default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496
passive-interface vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497
redistribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498
redist-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499
router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 500
router ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501
set nssa asbr-default-route translator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 502
show ip ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503
show ip ospf border-routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504
show ip ospf—database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 505
show ip ospf—database summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 506
show ip ospf interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507
show ip ospf neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 508
show ip ospf request-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509
show ip ospf retransmission-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510
show ip ospf route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511
show ip ospf—summary address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512
show ip ospf virtual-links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513
summary-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514
Session Initiation Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 516
add dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 518
add sipserver MaximumSimWANCallsAllowed . . . . . . . . . . . . . . . . . . . . . . . . . . 519
add subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520
bsg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 521
CDR Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522
delete dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 523
delete sipserver MaximumSimWANCallsAllowed . . . . . . . . . . . . . . . . . . . . . . . . 524
delete subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525
dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 526
domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527
protocolheader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 528
proxypolicy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 529
registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530
reload dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531
set sipserver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532

NN47928-100

Contents

15

set sipserver BackupModeGlobalDialPlanName . . . . . . . . . . . . . . . . . . . . . . . . 533
set sipserver—Brief / Detailed Traces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
set sipserver CDRDirectoryPath . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535
set sipserver CDRGeneration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536
set sipserver DNSLookupTimeOut . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 537
set sipserver domain name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 538
set sipserver Dynamic Subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539
set sipserver EnableSessionTimerRangeValidations . . . . . . . . . . . . . . . . . . . . . 540
set sipserver ForkingPolicy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541
set sipserver –max/min/default timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 542
set sipserver - MaximumRegistrationPeriod . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543
set sipserver MaximumSimWANCallsAllowed . . . . . . . . . . . . . . . . . . . . . . . . . . 544
set sipserver MinimumRegistrationPeriod . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545
set sipserver NormalModeGlobalDialPlanName . . . . . . . . . . . . . . . . . . . . . . . . . 546
set sipserver OrganizationHeader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 547
set sipserver PolledServers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548
set sipserver ServerHeader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 549
set sipserver SIP Message Dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550
set sipserver TFTPServerAddress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 551
set sipserver - timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552
show sipserver ActiveWANCallCount . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 554
show sipserver CDRDirectoryPath . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555
show sipserver CDRGeneration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556
show sipserver dialplan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 557
show sipserver DynamicSubscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558
show sipserver NormalModeGlobalDialPlanName . . . . . . . . . . . . . . . . . . . . . . . 559
show sipserver OrganizationHeader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 560
show sipserver - Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561
show sipserver - Registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 562
show sipserver –scope bsg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 563
show sipserver serverdomainname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 564
show sipserver – Session Timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 565
show sipserver status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566
show sipserver subscriber details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 567
show sipserver TFTPServerAddress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 568
show sipserver - Timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 569
show sipserver - Traces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 570
sip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571
sip – enable/disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572
timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 573
trace sip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 574
traces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575

Commands Reference

16

Contents

transport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576
update subscriber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 577
Linux tunnel commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 578
clear dns—server cache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579
copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 580
copy ftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581
debug linuxtun . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 582
dns-server forwarder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583
dns-server forwarder – enable/disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584
dns-server forwarder zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585
set dns—server cache timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 586
show dns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587
show tftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 588
telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589
tftp-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590
tftp-server topdir . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 591

BSG commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 593
Firewall commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 594
access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 596
clear global statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 597
clear interface statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 598
commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599
disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 600
dmz . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 601
enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602
filter add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 603
firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 604
icmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 605
icmp inspect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 606
ip filter fragments large . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607
ip inspect option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608
ip inspect tcp enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 609
ip inspect tcp half open . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 610
ip inspect tcp syn wait . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 611
ip verify reverse path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 612
netbios filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 613
no filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 614
show firewall access-lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615
show firewall config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 616
show firewall dmz host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 617
show firewall filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 618
show firewall half open connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 619

NN47928-100

Contents

17

show firewall interface config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 620
show firewall interface statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621
show firewall logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 622
show firewall stateful table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623
show firewall stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624
show url filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 625
trap threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 626
untrusted port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627
url filter add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 628
url filter delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 629
url filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 630
Point-to-Point Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 631
debug ppp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632
keep-alive timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 633
layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 634
multilink-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 635
peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 636
ppp authenticate username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 637
ppp chap hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 638
ppp username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 639
uplink rate limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 640
Simple Network Time Protocol commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 641
clock summer-time recurring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642
show sntp clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643
show sntp status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 644
sntp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 645
sntp authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 646
sntp—enable/disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 647
sntp no time zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 648
sntp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 649
sntp set poll-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 650
sntp time zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651
Network Address Translation commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 652
debug nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 653
disable virtual server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 654
enable virtual server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 655
interface nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 656
ip nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 657
ip nat pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 658
ip nat—timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 659
no virtual server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 660
portrange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661

Commands Reference

18

Contents

port trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 662
show ip nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 663
show ip nat interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 664
show nat config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 665
show portrange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 666
show port trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 667
show port trigger reserved list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 668
show virtual servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 669
static nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 670
virtual server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671
Virtual private network policy commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 672
access list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 673
clear vpn logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 674
crypto ipsec mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 675
crypto key mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 676
crypto map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 677
crypto map - Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 678
crypto map ipsec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 679
ip ra-vpn pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 680
isakmp peer identity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 681
isakmp policy encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 682
ra-vpn username . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 683
set local identity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 684
set peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 685
set session key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 686
set vpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 687
show crypto map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 688
show ra-vpn users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 689
show ra-vpn address-pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 690
show vpn config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691
show vpn global statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 692
show vpn IKE statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 693
show vpn logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694
show vpn remote—ids . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695
vpn remote identity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 696
Diffserv commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 697
class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 698
class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 699
no policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 701
police . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 702
policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 703
queue threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 704

NN47928-100

Contents

19

queue weight . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 705
set qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 706
set vlan traffic-classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 707
show class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 708
show policer statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 709
show policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 710
show qos default dhcp-dot1p mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 711
show qos status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 712
show queue stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 713
show queuing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 714
show vlan port config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 715
show vlan traffic-classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 716
shutdown qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717
switchport priority default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 718
vlan map—priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 719
vlan max-traffic-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 720
Access control list commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 721
deny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 722
mac access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 724
mac access-list extended . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 725
permit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 726
show access-lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 728
VOIP commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 729
reboot voip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 731
set country code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 732
set default codec type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 733
set default g723 encoding rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 734
set default silent suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 735
set digital dial timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 736
set dtmf relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 737
set dtmf rtp payload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 738
set fxo emergency-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 739
set fxo forward phone-no . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 740
set fxo hook detect time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 741
set fxo channel-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 742
set fxo phone-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 743
set fxo ring count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 744
set fxs call-forward . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 745
set fxs call-forward number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 746
set fxs codec status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 747
set fxs codec type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 748
set fxs display-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 749

Commands Reference

20

Contents

set fxs fax-option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 750
set fxs line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 751
set fxs mailbox number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 752
set fxs mailbox password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 753
set fxs ring type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 754
set fxs user-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 755
set fxs user-password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 756
set gmt-offset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 757
set ip tos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 758
set ip tos precedence option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 759
set mailbox ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 760
set pstn-gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 761
set voice mailbox . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 762
show voip codec config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 763
show voip config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 764
show voip firmware version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 765
show voip status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 766
shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 767
voip1000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 768
Technical Report 069 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 769
acs url . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 770
connection request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 771
periodic inform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 772
periodic inform interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 773
send inform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 774
show mgmt server config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 775
show tr69 status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 776
tr69 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 777

Wireless commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 779
Wireless local area network commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 780
config ap country . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 782
config dot11—network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 783
config dot11 beaconperiod . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 784
config dot11 channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 785
config dot11 dtim . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 786
config dot11 fragmentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 787
config dot11 mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 788
config dot11 preamble . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 789
config dot11 profile clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 790
config dot11 protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 791
config dot11 rts-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 792
config dot11 supported rates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 793

NN47928-100

Contents

21

config dot11 turbo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 794
config dot11 txpower . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 795
config dot11 wmm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 796
config dot11 wmm-acknowledge-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 797
config dot11 wmmparam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 798
config macfilter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 799
config wlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 800
config wlan broadcast-ssid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 801
config wlan create . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 802
config wlan delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 803
config wlan interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 804
config wlan mac-filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 805
config wlan pmksa timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 806
config wlan security auth-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 807
config wlan security cipher-suite . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 808
config wlan security preauth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 809
config wlan security pre-shared-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 810
config wlan security static-wep-key encryption . . . . . . . . . . . . . . . . . . . . . . . . . . 811
config wlan wep default-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 812
debug wlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 813
no wlan static-wep-key encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 814
Variable definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 814
show AP status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 815
show client ap global . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 816
show dot11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 817
show mac-filter-info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 818
show wep default-key-info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 819
show wlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 820
Digital Subscriber Line commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 821
dsl operating-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 822
encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 823
qos set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 824
show dsl interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 825
show dsl interface pvc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 826
show dsl traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 827
traffic parameters set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 828
vpi value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 829
vci value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 830
T1/E1 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 831
cablelength long . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 832
cablelength short . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 833
channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 834

Commands Reference

22

Contents

clear controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 835
clear controller statistics table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 836
clock source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 837
controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 838
controller mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 839
debug t1e1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 840
dump t1e1 sib-counter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 841
framing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 842
linecode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 843
line status change trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 844
loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 845
mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 846
sendcode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 847
show controllers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 848
show controller statistics interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 849
show controller statistics table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 850
show controllers t1e1 channel-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 851
vendorid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 852

Appendix A - Target based commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 853
negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 854
speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 855
duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 856
mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 857
databits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 858
parity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 859
speed - console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 860
stopbits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 861

NN47928-100

23

New in this release
This section details what is new in the Commands Reference guide for Business Services Gateway
(BSG)8ew and BSG12ew/aw/tw 1.0.

Features
See the following sections for information about feature changes:
•
•
•
•

Layer 2 commands (page 23)
Layer 3 commands (page 23)
BSG commands (page 24)
Wireless commands (page 24)

Layer 2 commands
The following list provides the new layer 2 commands:
•
•
•
•
•
•
•
•
•
•
•
•
•

Spanning Tree Protocol commands (page 24)
Port based network access control commands (page 24)
Remote authentication dial-in user service commands (page 24)
Link aggregation commands (page 24)
Syslog commands (page 25)
Secure shell commands (page 25)
Secure sockets layer commands (page 25)
System feature commands (page 25)
Power over Ethernet commands (page 25)
System commands (page 25)
Virtual local area network commands (page 25)
Dynamic host configuration protocol commands (page 25)
Simple network management protocol version 3 commands (page 26)

Layer 3 commands
The following list provides the new Layer 3 commands:
•
•
•
•
•
•

Internet protocol commands (page 26)
Internet group management protocol commands (page 26)
Route redistribution commands (page 26)
Virtual router redundancy protocol commands (page 26)
Routing information protocol commands (page 26)
Open shortest path first commands (page 26)

Commands Reference

24

New in this release

BSG commands
The following list provides the new Business Service Gateway (BSG) commands:
•
•
•
•
•
•
•

Domain name server commands (page 26)
Firewall commands (page 27)
Point-to-point protocol commands (page 27)
Simple network time protocol commands (page 27)
Network address translation commands (page 27)
Virtual private network policy commands (page 27)
Remote access commands (page 27)

Wireless commands
The following list provides the new commands for Wireless CLI:
•
•
•

Wireless local area network commands (page 27)
Digital subscriber line commands (page 27)
T1/E1 commands (page 27)

Spanning Tree Protocol commands
Spanning tree protocol (STP) is a link management protocol. For more information, see Spanning
Tree Protocol commands (page 44).

Port based network access control commands
Port-based network access control (PNAC) is a portable implementation of the IEEE Std 802.1x
PNAC. For more information, see Port based network access control commands (page 77).

Remote authentication dial-in user service commands
Remote authentication dial-in user service (RADIUS) is a client/server protocol and software. For
more information, see Remote Authentication Dial-in User Service commands (page 98).

Link aggregation commands
Link aggregation is a method of combining physical network links into a single logical link for
increased bandwidth.

Internet group management protocol snooping commands
Internet group management protocol (IGMP) is the protocol a host uses to inform a router when it
joins (or leaves) an Internet multicast group. For more information, see Internet Group
Management Protocol snooping commands (page 109).

NN47928-100

New in this release

25

Syslog commands
Syslog is a protocol used for capturing log information for devices on a network. For more
information, see Syslog commands (page 132).

Secure shell commands
Secure shell (SSH) is a protocol for secure remote logon and other secure network services over an
insecure network. For more information, see Secure Shell commands (page 142).

Secure sockets layer commands
Secure sockets layer (SSL) is a protocol developed for transmitting private documents through the
Internet. For more information, see Secure Sockets Layer commands (page 146).

System feature commands
SMB BSG 8x12 offers a set of system features, such as logon services, copying or writing
facilities, and duplex negotiation support. For more information, see System feature commands
(page 153).

Power over Ethernet commands
Power over Ethernet (PoE) technology is a system that transmits electrical power, along with data,
to remote devices over standard twisted-pair cable in an Ethernet network. For more information,
see Power over Ethernet commands (page 224).

System commands
Use the system commands to manage access permissions, mode access, and terminal
configurations on BSG. For more information, see System commands (page 230).

Virtual local area network commands
Virtual local area network (VLAN) is a group of devices on different physical LAN segments,
which communicate with each other as if they were all on the same physical LAN segment. For
more information, see Virtual local area network commands (page 267).

Dynamic host configuration protocol commands
Dynamic host configuration protocol (DHCP) allows dynamic configuration of a host computer.
For more information, see Dynamic host configuration protocol commands (page 309).

Commands Reference

26

New in this release

Simple network management protocol version 3 commands
Simple network management protocol version 3 (SNMPv3) specifies a generic management
framework, which is expandable for adding new management engines, security models, and access
control models. For more information, see Simple Network Management Protocol version 3
commands (page 349).

Internet protocol commands
Internet protocol (IP) is an identifier for a computer or device on a transmission control protocol
(TCP/IP) network. For more information, see Internet Protocol commands (page 384).

Internet group management protocol commands
Internet group management protocol (IGMP) reports group memberships to any immediate
neighboring multicast router. For more information, see Internet Group Management Protocol
commands (page 411).

Route redistribution commands
Route redistribution (RRD) allows different routing protocols to exchange routing information.
For more information, see Route redistribution commands (page 427).

Virtual router redundancy protocol commands
Virtual router redundancy protocol (VRRP) is an election protocol that dynamically assigns
responsibility for one or more virtual routers to the VRRP routers on a LAN. For more
information, see Virtual router redundancy protocol commands (page 436).

Routing information protocol commands
Routing information protocol (RIP) is a protocol used for managing router information within a
self-contained network. For more information, see Routing Information Protocol commands
(page 447).

Open shortest path first commands
Open shortest path first (OSPF) protocol is an Interior Gateway Protocol (IGP) used for
distributing routing information within a single autonomous system. For more information, see
Open Shortest Path First commands (page 467).

Domain name server commands
Use domain name server (DNS) commands to configure the DNS.

NN47928-100

New in this release

27

Firewall commands
A firewall is a complete security solution. For more information, see Firewall commands
(page 594).

Point-to-point protocol commands
The Point-to-point protocol (PPP) interface provides a point-to-point link between two
communicating ends. For more information, see Point-to-Point Protocol commands (page 631).

Simple network time protocol commands
The simple network time protocol (SNTP) module synchronizes the time and date in BSG. For
more information, see Simple Network Time Protocol commands (page 641).

Network address translation commands
Network address translation (NAT) provides a mechanism for a privately addressed network to
access registered networks, such as the internet, without requiring a registered subnet address. For
more information, see Network Address Translation commands (page 652).

Virtual private network policy commands
Virtual private network (VPN) policy commands are used to authenticate the VPN. For more
information, see Virtual private network policy commands (page 672).

Remote access commands
The remote access commands are used to configure remote access settings. For more information,
see Diffserv commands (page 697).

Wireless local area network commands
The wireless local area network (WLAN) module controls the configuration of the wireless access
point (AP) connected to the Business Service Gateway (BSG). For more information, see Wireless
local area network commands (page 780).

Digital subscriber line commands
The digital subscriber line (DSL) module controls the configuration and control of the DSL
modem connected to the BSG. For more information, see Digital Subscriber Line commands
(page 821).

T1/E1 commands
T1/E1 is a digital WAN carrier facility. For more information, see T1/E1 commands (page 831).

Commands Reference

28

New in this release

NN47928-100

29

How to get help
This section explains how to get help for Nortel products and services.

Getting Help from the Nortel Web site
The best way to get technical support for Nortel products is from the Nortel Technical Support
Web site:
http://www.nortel.com/support
This site provides quick access to software, documentation, bulletins, and tools to address issues
with Nortel products. More specifically, the site enables you to:
•

download software, documentation, and product bulletins

•

search the Technical Support Web site and the Nortel Knowledge Base for answers to
technical issues

•

sign up for automatic notification of new software and documentation for Nortel equipment

•

open and manage technical support cases

Getting Help over the phone from a Nortel Solutions Center
If you don’t find the information you require on the Nortel Technical Support Web site, and have a
Nortel support contract, you can also get help over the phone from a Nortel Solutions Center.
In North America, call 1-800-4NORTEL (1-800-466-7835).
Outside North America, go to the following Web site to obtain the phone number for your region:
http://www.nortel.com/callus

Getting Help from a specialist by using an Express Routing
Code
To access some Nortel Technical Solutions Centers, you can use an Express Routing Code (ERC)
to quickly route your call to a specialist in your Nortel product or service. To locate the ERC for
your product or service, go to:
http://www.nortel.com/erc

Commands Reference

30

How to get help

Getting Help through a Nortel distributor or reseller
If you purchased a service contract for your Nortel product from a distributor or authorized
reseller, contact the technical support staff for that distributor or reseller.

NN47928-100

31

Introduction
The Commands Reference guide describes the Layer 2, Layer 3, Business Service Gateway (BSG),
and wireless command line interface (CLI) commands.
Both the service providers and system administrators use the CLI commands. CLI is the interface
to the software you use when you access the BSG. Install the BSG and configure it. If the installer
does not have access to a network or a Web UI, they must configure the BSG using the CLI. You
can access the CLI remotely through Telnet (with the Telnet server on the equipment). Use secure
shell for secure CLI access.
With the CLI, you have more flexibility and control than with the Web user interface (UI). You
can configure all of the available parameters in the CLI. But you cannot configure all the
parameters in the Web UI. CLI is also faster than the GUI.

Navigation
•
•
•
•
•
•

Command modes (page 33)
Layer 2 commands (page 43)
Layer 3 commands (page 383)
BSG commands (page 593)
Wireless commands (page 779)
Appendix A - Target based commands (page 853)

Logging on to the CLI
Use the following procedure to log on to the CLI using Telnet or SSH.

Prerequisites
•

Use the web GUI to enable Telnet.
Step

Action

1

Launch the Telnet or SSH application from your PC.

2

When prompted, enter the IP address of the BSG you want to access.

3

Enter your user name.
First time users must enter nnadmin for the user name.

4

Enter your password.
First time users must enter PlsChgme! for the password.

5

The BSG# or command prompt appears.

Commands Reference

32

Introduction

NN47928-100

33

Command modes
This section describes the command modes available in the Small and Medium Business (SMB)
Business Services Gateway (BSG) 8ew and BSG12ew/aw/tw 1.0.

Command modes navigation
•
•
•

Layer 2 command modes(page 34)
Layer 3 command modes(page 37)
Hierarchy of command modes(page 38)

Commands Reference

34

Command modes

Layer 2 command modes
The following command modes are available in Layer 2:
•
•

Command modes(page 34)
Protocol-specific modes(page 35)

Command modes
Use Telnet or a Secure Shell (SSH) to access the command line interface (CLI). The following is a
list of available modes when logon is complete:
•
•
•
•
•

User EXEC mode(page 34)
Privileged EXEC mode(page 34)
Global configuration mode(page 34)
Interface configuration mode (page 34)
Protocol-specific modes (page 35)

User EXEC mode
After you log on to the device, you are automatically in the User EXEC mode. Use the User EXEC
commands to temporarily change terminal settings, perform basic tests, and list system
information.

Privileged EXEC mode
Privileged access is password protected to prevent unauthorized use. The password is not
displayed on the screen and is case-sensitive. The Privileged EXEC mode prompt is the device
name followed by the pound (#) sign.

Global configuration mode
Global configuration commands can be executed at any level of the system.

Interface configuration mode
Use interface configuration commands to modify specific interface operations. These commands
always follow the global configuration command, which defines the interface type:
•
•
•
•
•
•
•

Physical interface mode(page 35)
Port channel interface mode(page 35)
VLAN interface mode (page 35)
Config VLAN mode(page 35)
Tunnel interface mode(page 35)
Out of band interface mode(page 35)
PPP interface mode(page 35)

NN47928-100

Command modes

35

Physical interface mode
This is a sub-section of interface configuration mode. Use the physical interface mode to perform
interface-specific operations. Use the exit command to return to the global configuration mode.

Port channel interface mode
Use the port channel interface mode to perform port-channel specific operations. Use the exit
command to return to the global configuration mode.

VLAN interface mode
Use the VLAN interface mode to perform Layer 3 internet protocol/virtual local area network
(L3-IPVLAN) specific operations. Use the exit command to return to the global configuration
mode.

Config VLAN mode
Use this mode to configure VLAN properties.

Tunnel interface mode
Use the tunnel interface mode to perform tunnel-specific operations. Use the exit command to
return to the global configuration mode.

Out of band interface mode
Use the out of band (OOB) interface mode to perform OOB-specific operations. Use exit to
return to the global configuration mode.

PPP interface mode
Use the PPP interface mode to perform PPP-specific operations. Use exit to return to the global
configuration mode

Protocol-specific modes
Use Telnet or a Secure Shell (SSH) to access the command line interface (CLI). The following is a
list of available modes once logon is complete:
•
•
•
•
•
•

MSTP configuration mode
DiffSrv ClassMap configuration mode(page 36)
DiffSrv Policy-Map configuration mode(page 36)
DHCP pool configuration mode(page 36)
ACL standard access list configuration mode(page 36)
ACL MAC configuration mode(page 36)

MSTP configuration mode
Use this mode to configure the multiple spanning tree protocol (MSTP) specific parameters for the
switch. Use the global configuration mode command spanning-tree mst configuration to
enter the MSTP configuration mode. The prompt displayed at this mode is is(config-mst).
Use the exit command to return to the global configuration mode.

Commands Reference

36

Command modes

DiffSrv ClassMap configuration mode
Use the Diff ClassMap configuration mode to create a class map for matching the packets to the
class whose index is specified and to enter the class-map configuration mode. Use the global
configuration mode command class-map  to enter the DiffSvr
Policy-Map configuration mode. The prompt displayed at this mode is iss(config-pmap)#.
Use the exit command to return to the global configuration mode.

DHCP pool configuration mode
Use this mode to configure the network pool/host configurations of a subnet pool.
Use the global configuration mode command ip dhcp pool  to
create a DHCP server address pool and place the user in the DHCP pool configuration mode. The
prompt displayed at this mode is iss(dhcp-config)#.
Use the exit command to return to the global configuration mode.

ACL standard access list configuration mode
Standard access lists create filters based on IP address and network mask only (Layer 3 filters
only).
Use the global configuration mode command ip access-list standard <(1-1000) to
create IP access control lists (ACL) and enter the ACL standard access list configuration mode.
The prompt displayed at this mode is iss(config-std-nacl)#.
Use the exit command to return to the global configuration mode.

ACL MAC configuration mode
Use the ACL MAC configuration mode to create Layer 2 MAC ACLs and return the ACL MAC
configuration mode to the user.
Use the global configuration mode command mac access-list extended <(1-65535)> to
enter the ACL MAC configuration mode. The prompt displayed at this mode is
iss(config-ext-macl)#.

Use the exit command to return to the global configuration mode.

NN47928-100

Command modes

37

Layer 3 command modes
The following command modes are available in Layer 3.
•
•
•
•

Protocol Independent Multicast component mode(page 37)
Router configuration mode(page 37)
VRRP router configuration mode(page 37)
VRRP interface configuration mode(page 37)

Protocol Independent Multicast component mode
Use the Protocol Independent Multicast (PIM) component mode to configure the PIM component.
Use the global configuration mode command ip pim comp to enter the PIM
component mode. Use the exit command to return to the global configuration mode.

Router configuration mode
Use the router configuration mode to configure the router protocol. Use the global configuration
mode command router  to enter the router configuration mode. The
prompt displayed at this mode is bsg(config-router)#. Use the exit command to return to
the global configuration mode or use the end command to exit to the Privileged EXEC mode.

VRRP router configuration mode
Use the VRRP router configuration mode to configure the virtual router. Use the global
configuration mode command router vrrp to enter the virtual router redundancy protocol
(VRRP) router configuration mode. Use the exit command to return to the global configuration
mode or use the end command to exit to the Privileged EXEC mode.

VRRP interface configuration mode
Use this mode to configure the VRRP interfaces. Use the global configuration mode command
interface Vlan  to enter the VRRP router configuration mode. The prompt
displayed at this mode is bsg(config-vrrp-if)#. Use the exit command to return to the
VRRP router configuration mode or use the end command to exit to the Privileged EXEC mode.

Technical Report 69 mode
Use this mode to configure Technical Report (TR) 69 related parameters. Use the tr69 command
from the config mode. Use the exit command to return to the config mode and end command to
exit to the Privileged EXEC mode.

Commands Reference

38

Command modes

Hierarchy of command modes
The following figures shows the hierarchy of command modes.

NN47928-100

39

Using command modes
The Command Line Interface (CLI) uses different command modes, depending on the type of
operation that you are performing. Each command listed in this reference guide includes
information about which command mode to use for that specific command. This chapter describes
how to access the command modes available on the CLI.
Each command mode has a specific prompt associated with it. The prompt indicates the current
command mode:
•
•
•
•
•

bsg# indicates Privileged Exec mode
bsg(config)# indicates Global Configuration mode
bsg(config-if)# indicates Interface Configuration mode
bsg(config-vlan)# indicates Config-VLAN mode
bsg(config-line)# indicates Line Configuration mode

Privileged Exec mode
Use the Privileged Exec mode to configure general operating parameters on the BSG system.

Using Privileged Exec mode
Procedure steps
Step

Action

1

Log on to the BSG system using Telnet or SSH.

2

The CLI defaults to Privileged Exec mode.
The prompt displayed for this mode is BSG#.

3

At the prompt, enter a command.

4

To exit this mode, enter logout.

End

Global configuration mode
Use the Global Configuration mode to configure system-wide settings.

Using Global configuration mode
Procedure Steps
Step

Action

Commands Reference

40

Using command modes

1

Log on to the BSG system using Telnet or SSH.

2

The CLI defaults to Privileged Exec mode.
The prompt displayed for this mode is BSG#.

3

At the prompt, enter the following command: configure terminal.
The system changes to Global Configuration mode, and displays the following
prompt: BSG(config)#

4

At the prompt, enter a command.

5

Enter exit to return to the Privileged Exec mode.

End

Interface configuration mode
Use the Interface Configuration mode to configure specific interface settings.

Using Interface configuration mode
Procedure steps
Step

Action

1

Log on to the BSG system using Telnet or SSH.

2

The CLI defaults to Privileged Exec mode.
The prompt displayed for this mode is BSG#.

3

At the prompt, enter the following command: configure terminal.
The system changes to Global Configuration mode, and displays the following
prompt: BSG(config)#

4

At the prompt, enter the following command: interface 

The system changes to Interface Configuration mode, and displays the following
prompt: BSG(config-if)#

5

Enter exit to return to Global Configuration mode.

6

Enter end to return to the Privileged Exec mode.

End

NN47928-100

Using command modes

41

Variable definitions
This table describes the variables used in the Interface Configuration mode.
Variable

Value

interface type

Specifies the interface type. The interface type can be a
gigabitethernet or a fastethernet interface.

interface id

Specifies the physical interface ID including type, slot and port
number. The value is numeric. Example: 0/2

Config-VLAN mode
Use the Config-VLAN mode to configure virtual LAN (VLAN) settings.

Using Config-VLAN mode
Procedure steps
Step

Action

1

Log on to the BSG system using Telnet or SSH.

2

The CLI defaults to Privileged Exec mode.
The prompt displayed for this mode is BSG#.

3

At the prompt, enter the following command: configure terminal.
The system changes to Global Configuration mode, and displays the following
prompt: bsg(config)#

4

At the prompt, enter the following command: vlan 
The system changes to Config-VLAN mode, and displays the following prompt:
bsg(config-vlan)#

5

Enter exit to return to Global Configuration mode.

6

Enter end to return to the Privileged Exec mode.

End

Variable Definitions
This table describes the variables used in the Config-VLAN mode.
Variable

Value

vlan id

Specifies the number that
identifies the VLAN. The value
is numeric. Example: 5.

Commands Reference

42

Using command modes

Line configuration mode
Use the Line Configuration mode to configure terminal line settings.

Using Line configuration mode
Procedure steps
Step

Action

1

Log on to the BSG system using Telnet or SSH.

2

The CLI defaults to Privileged Exec mode.
The prompt displayed for this mode is bsg#.

3

At the prompt, enter the following command: configure terminal.
The system changes to Global Configuration mode, and displays the following
prompt: bsg(config)#

4

At the prompt, enter the following command: 
The system changes to Line Configuration mode, and displays the following
prompt: bsg(config-line)#

5

Enter exit to return to Global Configuration mode.

6

Enter end to return to the Privileged Exec mode.

End

Variable definitions
This table describes the variables used in the Line Configuration mode.
Variable

Value

console

Use when configuring lines that access the BSG through a
console attached to the serial port.

vty

Use when configuring lines that access the BSG from a remote
terminal using telnet or SSH.

NN47928-100

43

Layer 2 commands
This section describes the commands used in configuring the Layer 2 Command Line Interface
(CLI). The CLI supports a simple logon authentication mechanism. The authentication is based on
a user name and password you provide during logon. The root user is factory-programmed with
the password admin123.

Layer 2 commands navigation
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•

Spanning Tree Protocol commands (page 44)
Port based network access control commands (page 77)
Remote Authentication Dial-in User Service commands (page 98)
TACACS commands (page 103)
Internet Group Management Protocol snooping commands (page 109)
Syslog commands (page 132)
Secure Shell commands (page 142)
Secure Sockets Layer commands (page 146)
System feature commands (page 153)
Power over Ethernet commands (page 224)
RMON commands (page 259)
Virtual local area network commands (page 267)
Dynamic host configuration protocol commands (page 309)
DHCP client commands (page 311)
DHCP relay commands (page 316)
DHCP server commands (page 324)
Simple Network Management Protocol version 3 commands (page 349)

Commands Reference

44

Layer 2 commands

Spanning Tree Protocol commands
Spanning Tree Protocol (STP) is a link management protocol that provides path redundancy while
preventing undesirable loops in the network that are created by multiple active paths between
stations. To establish path redundancy, STP creates a tree that spans all the switches in an extended
network, forcing redundant paths into a standby or blocked state.
For proper functioning of an Ethernet network, only one active path must exist between two
stations. Multiple active paths between stations in a bridged network can cause loops in which
Ethernet frames can endlessly circulate. STP can logically break such loops and prevent looping
traffic from clogging the network. The dynamic control of the topology provides continued
network operation in the presence of redundant or unintended looping paths.

STP navigation
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•

clear spanning-tree counters (page 46)
clear spanning-tree detected protocols (page 47)
debug spanning-tree (page 48)
instance (page 50)
name (page 51)
revision (page 52)
show spanning-tree bridge (page 53)
show spanning-tree—detail, active (page 54)
show spanning-tree interface (page 55)
show spanning-tree—summary, blockedports, pathcost (page 56)
show spanning-tree mst configuration (page 58)
show spanning-tree mst—common internal spanning tree or specified mst instance (page 59)
show spanning-tree mst—port-specific configuration (page 60)
show spanning-tree root (page 61)
shutdown spanning-tree (page 62)
spanning-tree (page 63)
spanning-tree priority (page 64)
spanning-tree compatibility (page 65)
spanning-tree mode (page 66)
spanning-tree auto-edge (page 67)
spanning-tree mst configuration (page 68)
spanning-tree mst hello-time (page 69)
spanning-tree mst max-hops (page 70)
spanning-tree path cost method (page 72)
spanning-tree - Properties of an interface (page 73)
spanning-tree mst - Properties of an interface for MSTP (page 74)
spanning-tree timers (page 75)

NN47928-100

Layer 2 commands

•

45

spanning-tree transmit hold-count (page 76)

Commands Reference

46

Layer 2 commands

clear spanning-tree counters
Use this command to reset all bridge-level and port-level statistics counters.

Command mode
Global configuration

Syntax
clear spanning-tree counters

Related commands
show spanning-tree interface
show spanning-tree mst configuration

NN47928-100

Layer 2 commands

47

clear spanning-tree detected protocols
Use this command to restart the protocol migration process on all of the interfaces and force
renegotiation with the neighboring switches.

Command mode
Privileged EXEC

Syntax
clear spanning-tree detected protocols [interface 
]

Variable definitions
This table describes the variables used in the instance command.
Variable

Value

interface

Specifies the interface type and interface id.

Related commands
show spanning-tree interface
show spanning-tree mst—port-specific configuration

Commands Reference

48

Layer 2 commands

debug spanning-tree
Use this command to provide spanning tree debugging support. Precede this command with no to
disable debugging.

Command mode
Privileged EXEC

Syntax
debug spanning-tree { all | errors |init-shut | management | memory |
bpdu | events | timer | state-machine { port-info | port-receive |
port-role-selection | role-transition | state-transition |
protocol-migration | topology-change | port-transmit | bridge-detection
} | redundancy | sem-variables}

no debug spanning-tree {all | errors | init-shut | management | memory |
bpdu | events | timer | state-machine {port-info | port-receive |
port-role-selection | role-transition | state-transition |
protocol-migration | topology-change | port-transmit | bridge-detection
} | redundancy | sem-variables}

Variable definitions
The following table describes the variables used in debug spanning-tree command.
Variable

Value

all

Specifies all RSTP and MSTP debug messages.

bpdu

Specifies BPDU-related messages.

bridge-detection

Specifies bridge detection messages.

errors

Specifies error code debug messages.

events

Specifies events-related messages.

init-shut

Specifies initialize and shutdown debug messages.

management

Specifies management messages.

Memory

Specifies memory-related messages.

port-info

Specifies port information messages.

port-receive

Specifies port-received messages.

port-role-selection

Specifies port role selection messages.

port-transmit

Specifies port transmission messages.

protocol-migration

Specifies protocol migration messages.

redundancy

Specifies redundancy-related messages.

role-transition

Specifies role transition messages.

NN47928-100

Layer 2 commands

Variable

Value

sem-variables

Specifies state-machine variables debug messages.

state machine

Specifies state-machine related debug messages.

state-transition

Specifies state transition messages.

timer

Specifies timer module messages.

topology-change

Specifies topology change messages.

49

Defaults
Debugging is disabled

Related commands
show spanning-tree—summary, blockedports, pathcost

Commands Reference

50

Layer 2 commands

instance
Use this command to map virtual local area networks (VLAN) to a multiple spanning tree (MST)
instance. Precede this command with no to delete the instance and unmap specific VLANs from
the MST instance. A single VLAN identified by VLAN ID number is specified by a range of
VLANs separated by a hyphen, or a series of VLANs separated by a comma.

Command mode
MSTP configuration

Syntax
instance  vlan 

no instance  [vlan ]

Variable definitions
This table describes the variables used in the instance command.
Variable

Value

instance-id(1-64)

Specifies spanning tree instances.

vlan-range

Specifies VLAN range associated with a spanning tree
instance.

Defaults
VLANs mapped for instance 0: 1–1024, 1025–2048, 2049–3072, 3073–4094

Related commands
show spanning-tree mst configuration

NN47928-100

Layer 2 commands

51

name
Use this command to set the configuration name for the MST region. Precede this command with
no to delete the configuration name. The name string is case sensitive.

Command mode
MSTP configuration

Syntax
name 
no name

Variable definitions
This table describes the variables used in the name command.
Variable

Value

string(optional max length)

Indicates maximum string length of 32 characters.

Defaults
The default configuration name is 00: 00: 00 :00: 00: 00:

Related commands
show spanning-tree mst configuration

Commands Reference

52

Layer 2 commands

revision
Use this command to set the configuration revision number for the MST region. Precede this
command with no to delete the configuration revision number.

Command mode
MSTP configuration

Syntax
revision 

no revision

Variable definitions
This table describes the variables used in the revision command.
Variable

Value



Sets the configuration revision number.

Defaults
Configuration name is 0

Related commands
show spanning-tree mst configuration

NN47928-100

Layer 2 commands

53

show spanning-tree bridge
Use this command to display spanning tree information.

Command mode
Privileged EXEC or User EXEC

Syntax
show spanning-tree bridge [{address | forward-time | hello-time | id |
max-age | protocol | priority | detail }]

Variable definitions
This table describes the variables used in the show spanning-tree bridge command.
Variable

Value

address

Specifies bridge address.

detail

Displays bridge detail.

forward-time

Specifies bridge forward time.

hello-time

Specifies bridge hello time.

id

Specifies bridge ID.

max-age

Specifies bridge maximum age.

priority

Specifies bridge priority.

protocol

Specifies spanning tree protocol.

Related commands
show spanning-tree—detail, active
spanning-tree mode
spanning-tree timers

Commands Reference

54

Layer 2 commands

show spanning-tree—detail, active
Use this command to display spanning tree information.

Command mode
Privileged and User EXEC

Syntax
show spanning-tree {detail [active] | active [detail] }

Variable definitions
This table describes the variables used in the show spanning-tree-detail, active
command.
Variable

Value

active

Displays the bridge and details of the active ports (active ports
are those ports that are participating in the spanning tree).

detail

Displays details about the port and bridge. These include
designated bridge details, designated port details, timer
values, and root bridge.

Related commands
show spanning-tree bridge
show spanning-tree interface
spanning-tree
spanning-tree priority
spanning-tree compatibility
spanning-tree mode
spanning-tree - Properties of an interface
spanning-tree mst - Properties of an interface for MSTP
spanning-tree timers
spanning-tree transmit hold-count

NN47928-100

Layer 2 commands

55

show spanning-tree interface
Use this command to display spanning tree information.

Command mode
Privileged and User EXEC

Syntax
show spanning-tree interface   [{cost |
priority | portfast | rootcost | state | stats | detail}]

Variable definitions
This table describes the variables used in the show spanning-tree interface command.
Variable

Value

cost

Indicates spanning tree port cost.

detail

Displays details about the port and bridge.

portfast

Indicates spanning tree portfast state.

priority

Indicates spanning tree port priority.

rootcost

Indicates spanning tree rootcost (path cost to reach the root)
value.

state

Indicates spanning tree state.

stats

Displays the input and output packets by switching path for
the interface.

Related commands
clear spanning-tree counters
clear spanning-tree detected protocols
show spanning-tree—detail, active
spanning-tree - Properties of an interface
spanning-tree mst - Properties of an interface for MSTP

Commands Reference

56

Layer 2 commands

show spanning-tree—summary, blockedports, pathcost
Use this command to display spanning tree information. This command holds good for both RSTP
and MSTP.

Command mode
Privileged EXEC or User EXEC

Syntax
show spanning-tree [{summary | blockedports | pathcost method }]

Variable definitions
This table describes the variables used in the show spanning-tree—summary,
blockedports, pathcost command.
Variable

Value

blockedports

Specifies blocked ports in the system.

pathcost method

Specifies pathcost method configured for a bridge.

summary

Displays summary of port states.

Defaults
Spanning tree is enabled with MSTP operating in the switch

Related commands
show spanning-tree bridge
show spanning-tree interface
spanning-tree
spanning-tree priority
spanning-tree compatibility
spanning-tree mode
spanning-tree path cost method
spanning-tree - Properties of an interface
spanning-tree mst - Properties of an interface for MSTP
spanning-tree timers
spanning-tree transmit hold-count

NN47928-100

Layer 2 commands

57

show spanning-tree mst—CIST or specified mst Instance
Use this command to display multiple spanning tree information for the Common Internal
Spanning Tree (CIST) instance or specified MST instance. The MST option is available only when
MSTP is the operational mode of the spanning tree.

Command mode
Privileged EXEC or User EXEC

Syntax
show spanning-tree mst [] [detail]

Variable definitions
This table describes the variables used in the show spanning-tree mst—CIST command.
Variable

Value

instance-id

Specifies the range of spanning tree instances.

detail

Specifies the spanning tree mst instance specific
details.

Related commands
instance
spanning-tree priority
spanning-tree mst - Properties of an interface for MSTP

Commands Reference

58

Layer 2 commands

show spanning-tree mst configuration
Use this command to display multiple spanning tree instance configuration.

Command mode
Privileged EXEC or User EXEC

Syntax
show spanning-tree mst configuration

Related commands
instance
name
revision

NN47928-100

Layer 2 commands

59

show spanning-tree mst—common internal spanning tree or
specified mst instance
Use this command to display multiple spanning tree information for the Common Internal
Spanning Tree (CIST) instance or specified MST instance.

Command mode
Privileged EXEC or User EXEC

Syntax
show spanning-tree mst [] [detail]

Variable definitions
This table describes the variables used in the show spanning-tree mst—common internal
spanning tree or specified mst instance command.
Variable

Value

detail

Specifies spanning tree MST instance-specific
details.

instance-id

Specifies range of spanning tree instances.

Related commands
instance
spanning-tree priority
spanning-tree mst - Properties of an interface for MSTP

Commands Reference

60

Layer 2 commands

show spanning-tree mst—port-specific configuration
Use this command to display multiple spanning tree port-specific configuration.

Command mode
Privileged and User EXEC

Syntax
show spanning-tree mst [] interface 
 [{stats | hello-time | detail }]

Variable definitions
This table describes the variables used in the show spanning-tree mst—port-specific
configuration command.
Variable

Value

detail

Details multiple spanning tree port-specific configuration.

hello-time

Determines how often the switch broadcasts its hello
message to other switches when it is the root of the spanning
tree.

instance-id

Specifies the range of spanning tree instances.

interface

Details interface type and interface id.

stats

Displays the input and output packets by switching path for
the interface.

Related commands
clear spanning-tree counters
clear spanning-tree detected protocols
instance
show spanning-tree interface
spanning-tree mst hello-time
spanning-tree mst - Properties of an interface for MSTP
spanning-tree - Properties of an interface

NN47928-100

Layer 2 commands

61

show spanning-tree root
Use this command to display spanning tree information.

Command mode
Privileged and User EXEC

Syntax
show spanning-tree root [{address | cost | forward-time | hello-time | id
| max-age | port | priority | detail }]

Variable definitions
This table describes the variables used in the show spanning-tree root command.
Variable

Value

address

Specifies root bridge MAC address.

cost

Specifies cost value associated with the port.

detail

Displays details about the port and bridge. These include
designated bridge details, designated port details, timer
values, and root bridge.

forward-time

Specifies root bridge forward time

hello-time

Specifies root bridge hello time.

id

Specifies root bridge ID.

max-age

Specifies root bridge maximum age.

port

Specifies root port.

priority

Specifies root bridge priority.

Related commands
show spanning-tree—summary, blockedports, pathcost
spanning-tree priority
spanning-tree timers

Commands Reference

62

Layer 2 commands

shutdown spanning-tree
Use this command to shut down spanning tree operation. MSTP and RSTP are mutually exclusive
and hence the MSTP module must be shutdown to start the RSTP module. The bridge module
must be enabled to start RSTP.

Command mode
Global configuration

Syntax
shutdown spanning-tree

Defaults
MSTP is started and enabled

Related commands
show spanning-tree—detail, active
spanning-tree mode

NN47928-100

Layer 2 commands

63

spanning-tree
Use this command to enable the spanning tree operation. Precede this command with no to disable
the spanning tree operation.

Command mode
Global configuration

Syntax
spanning-tree

no spanning-tree

Defaults
Spanning tree enabled is MSTP

Related commands
show spanning-tree—summary, blockedports, pathcost

Commands Reference

64

Layer 2 commands

spanning-tree priority
Use this command to set the bridge priority for the spanning tree in steps of 4096. Precede this
command with no to set the bridge priority to the default value.

Command mode
Global configuration

Syntax
spanning-tree [mst ] priority 

no spanning-tree [mst (1-64)> priority]

Variable definitions
This table describes the variables used in the spanning-tree priority command.
Variable

Value

mst 

Specifies the range of spanning tree instances.

priority 

no spanning-tree mst hello-time

Defaults
Spanning-tree mst hello-time is 2 seconds

Related commands
show spanning-tree bridge

Commands Reference

70

Layer 2 commands

spanning-tree mst max-hops
Use this command to set the maximum number of hops permitted in the MST. Precede this
command with no to set the maximum number of hops permitted in the MST to the default value.
The root switch of the instance always sends a BPDU with a cost of 0 and the hop count set to the
maximum value.

Command mode
Global configuration

Syntax
spanning-tree mst max-hops 

no spanning-tree mst max-hops

Variable definitions
This table describes the variables used in the spanning-tree mst max-hops command.
Variable

Value

hop-count <1-10>

Specifies the number of hops in a region before the
BDPU is discarded.

Defaults
20

Related commands
show spanning-tree mst configuration

NN47928-100

Layer 2 commands

71

spanning-tree pathcost dynamic
Use this command to set the maximum number of hops permitted in the MST. Precede this
command with no to set the maximum number of hops permitted in the MST to the default value.
The root switch of the instance always sends a BPDU with a cost of 0 and the hop count set to the
maximum value.

Command mode
Global configuration

Syntax
spanning-tree pathcost dynamic

no spanning-tree pathcost dynamic

Defaults
disabled

Related commands
spanning-tree path cost method
spanning-tree compatibility
spanning-tree - Properties of an interface
spanning-tree mst - Properties of an interface for MSTP

Commands Reference

72

Layer 2 commands

spanning-tree path cost method
Use this command to set the method to calculate the port path cost. Precede this command with no
to set the method to calculate the port value to its default value.

Command mode
Global configuration

Syntax
spanning-tree pathcost method{long|short}

no spanning-tree pathcost method

Variable definitions
This table describes the variables used in the spanning-tree path cost method command.
Variable

Value

long

Specifies 32-bit pathcost.

short

Specifies 16-bit pathcost.

Defaults
Long if MSTP or RSTP is running
Short if STP compatible with RSTP is running

Related commands
show spanning-tree—summary, blockedports, pathcost

NN47928-100

Layer 2 commands

73

spanning-tree - Properties of an interface
Use this command to set the spanning tree properties of an interface. Precede this command with
no to set the spanning tree properties of an interface to the default value.

Command mode
Interface configuration

Syntax
spanning-tree {cost  | disable | link-type
{point-to-point | shared } | portfast | port-priority }

no spanning-tree {cost | disable | link-type | portfast | port-priority}

Variable definitions
This table describes the variables used in the spanning-tree - Properties of an
interface command.
Variable

Value

cost

Specifies the pathcost value associated with the port.

disable

Disables the spanning tree on the port.

link-type

Specifies the link type. The link is either a point-to-point link or
a shared LAN segment where another bridge is present.

portfast

Specifies that the port only has hosts connected and
transitions to forwarding rapidly.

port-priority

Specifies the port priority value.

Defaults
cost

2000000

link-type

shared

portfast

not in portfast mode

port-priority

128

Related commands
show spanning-tree interface

Commands Reference

74

Layer 2 commands

spanning-tree mst - Properties of an interface for MSTP
Use this command to set the spanning tree properties of an interface for MSTP. Precede this
command with no to set the spanning tree properties of an interface for MSTP to the default value.
If all interfaces have the same priority value, the MST puts the interface with the lowest interface
number in the forwarding state and blocks other interfaces

Command mode
Interface configuration

Syntax
spanning-tree {cost
|disable|link-type{point-to-point|shared}|portfast|p
ort-priority }

no spanning-tree mst {cost|port-priority | disable}

Variable definitions
This table describes the variables used in the spanning-tree mst - Properties of an
interface for MSTP command.
Variable

Value

cost

Specifies the pathcost value associated with the port.

disable

Disables the spanning tree on the port.

instance-id(1-64)

Specifies the range of spanning tree instances.

port-priority

Specifies port priority value.

Defaults
cost

2000000

port-priority

128

Related commands
show spanning-tree interface
show spanning-tree mst—port-specific configuration

NN47928-100

Layer 2 commands

75

spanning-tree timers
Use this command to set the spanning tree timers. Precede this command with no to set the
spanning tree timers to default values.

Command mode
Global configuration

Syntax
spanning-tree {forward-time }

no spanning-tree { forward-time | hello-time | max-age }

Variables definitions
This table describes the variables used in the spanning-tree timers command.
Variable

Value

forward-time 

no spanning-tree transmit hold-count

Variable definitions
This table describes the variables used in the spanning-tree transmit hold-count
command.
Variable

Value

transmit hold-count 

Specifies the counter used to limit the maximum
transmission rate of the switch.

Defaults
6

Related commands
show spanning-tree—summary, blockedports, pathcost

NN47928-100

Layer 2 commands

77

Port based network access control commands
Port based Network Access Control (PNAC) is a portable implementation of the IEEE Std 802.1x
PNAC. It is used on both local area network (LAN) switches and wireless LAN access points to
provide security services. When used in LAN switches, it offers access control to protected
resources existing in the switched network. When used in WLAN access points, it provides
authentication of the WLAN stations and improves the security by making use of the periodically
exchanged key for encrypting data. PNAC can port to RTOS environments and interface to
different switch hardware.

Port based network access control commands navigation
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•

aaa authentication dot1x default (page 78)
debug dot1x (page 79)
dot1x access-control (page 80)
dot1x auth-mode (page 85)
dot1x control-direction (page 81)
dot1x default (page 82)
dot1x init-session (page 83)
dot1x init-session-reauth (page 84)
dot1x local-database (page 86)
dot1x max-req (page 87)
dot1x max-start (page 88)
dot1x port-control (page 89)
dot1x re-authenticate (page 90)
dot1x reauthentication (page 91)
dot1x system-auth-control (page 92)
dot1x timeout (page 93)
set nas-id (page 95)
show dot1x (page 96)
shutdown dot1x (page 97)

Commands Reference

78

Layer 2 commands

aaa authentication dot1x default
Use this command to enable the dot1x local authentication or Remote Authentication Dial In User
Service (RADIUS) server based remote authentication method for all ports.

Command mode
Global configuration

Syntax
aaa authentication dot1x default {group radius | local}

Variable definitions
This table describes the variables used in the aaa authentication dot1x default
command.
Variable

Value

group radius

Specifies RADIUS server based authentication

local

Specifies local authentication.

Defaults
local

Related commands
dot1x local-database
radius-server host
show dot1x

NN47928-100

Layer 2 commands

79

debug dot1x
Use this command to enable debugging of the dot1x module. Precede this command with no to
disable debugging of dot1x module.

Command mode
Privileged EXEC

Syntax
debug dot1x {all | errors | events | packets | state-machine |
redundancy}

no debug dot1x {all | errors | events | packets | state-machine |
redundancy}

Variable definitions
This table describes the variables used in the debug dot1x command.
Variable

Value

all

Specifies all dot1x debug messages.

errors

Specifies dot1x error code debug messages.

events

Specifies dot1x event debug messages.

packets

Specifies dot1x packet debug messages.

redundancy

Specifies redundancy related messages.

state-machine

Specifies state-machine related-event debug
messages.

Defaults
Events debugging is enabled by default.

Related commands
show dot1x

Commands Reference

80

Layer 2 commands

dot1x access-control
Use this command to configure the supplicant access control. Precede this command with no to set
the access control to inactive.

Command mode
Interface configuration

Syntax
dot1x access-control {active|inactive}

no dot1x access-control

Variable definitions
This table describes the variables used in the dotx access-control command.
Variable

Value

active

Set the port status as a combined port status of the
authenticator and the supplicant.

inactive

Set the port status to the port status of the authenticator.

Defaults
Access control is inactive by default.

Related commands
show dot1x

NN47928-100

Layer 2 commands

81

dot1x control-direction
Use this command to configure port control direction. Precede this command with no to set the
authenticator port control direction to both.

Command mode
Interface configuration

Syntax
dot1x control-direction {in|both}

no dot1x control-direction

Variable definitions
This table describes the variables used in the dot1x control-direction command.
Variable

Value

both

Specifies that authentication control is imposed on both
incoming and outgoing packets.

in

Specifies that authentication control is imposed only on the
incoming packets.

Defaults
Control direction is both by default.

Related commands
show dot1x

Commands Reference

82

Layer 2 commands

dot1x default
Use this command to configure dot1x with default values for this port.

Command mode
Interface configuration

Syntax
dot1x default

Defaults
Per-interface 802.1X protocol enable state

Enabled (force-authorized)

Periodic re authentication

Disabled

Number of seconds between re
authentication attempts

3600 seconds

Quiet period

60 seconds

Retransmission time

30 seconds

Maximum retransmission number

2 times

Client timeout period

30 seconds

tx period

30 seconds

Authentication server timeout period

30 seconds

Related commands
show dot1x

NN47928-100

Layer 2 commands

83

dot1x init-session
Use this command to initiate dot1x authentication session.

Command mode
Global configuration mode

Syntax
dot1x init-session 

Variable definitions
This table describes the variables used in the dot1x init-session command.
Variable

Value

supp addr - aa.aa.aa.aa.aa.aa

Specifies the supplicant address to initiate.

Related commands
show dot1x

Commands Reference

84

Layer 2 commands

dot1x init-session-reauth
Use this command to initiate the dot1x reauthentication session.

Command mode
Global configuration mode

Syntax
dot1x init session-reauth 

Variable definitions
This table describes the variable used in the dot1x init-session-reauth command.
Variable

Value

supp addr - aa.aa.aa.aa.aa.aa

Specifies the supplicant address to initiate.

Related commands
show dot1x

NN47928-100

Layer 2 commands

85

dot1x auth-mode
Use this command to configure the port authentication mode. Precede this command with no to set
the port authentication mode to port based.

Command mode
Interface configuration mode

Syntax
dot1x auth-mode {port-based | mac-based}

no dot1x auth-mode

Variable definitions
This table describes the variables used in the dot1x auth-mode command.
Variable

Value

port-based

Specifies the value to configure port-based
authentication mode.

mac-based

Specifies the value to configure mac-based
authentication mode.

Related commands
show dot1x

Commands Reference

86

Layer 2 commands

dot1x local-database
Use this command to configure the dot1x authentication server database with user name and
password. Precede this command with no to delete an entry from the dot1x authentication server
database.

Command mode
Global configuration

Syntax
dot1x local-database  password  permission {allow |
deny} [] [interface 
]

no dot1x local-database username

Variable definitions
This table describes the variables used in the dot1x local-database command.
Variable

Value

auth-timeout

Specifies the number of seconds between authentication
attempts.

interface

Specifies the port list of the interface on which dot1x
authentication can be applied.

password

Specifies the password.

permission

Specifies whether the user is allowed or denied access on a
set of ports.

username

Specifies user name.

Defaults
permission

allow

interface-list

all the physical interfaces

Related commands
aaa authentication dot1x default
show dot1x

NN47928-100

Layer 2 commands

87

dot1x max-req
Use this command to set the maximum number of Extensible Authentication Protocol (EAP)
retries to the client before restarting authentication process. Precede this command with no to set
the maximum number of EAP retries to the client to default value.

Command mode
Interface configuration

Syntax
dot1x max-req 

no dot1x max-req

Variable definitions
This table describes the variables used in the dot1x max-req command.
Variable

Value

count(1-10)

Specifies number of EAP retries to the client.

Defaults
count

2

Related commands
show dot1x

Commands Reference

88

Layer 2 commands

dot1x max-start
Use this command to set the maximum number of EAP retries to the authenticator. Precede this
command with no to set the maximum number of EAP retries to the authenticator to default value.

Command mode
Interface configuration

Syntax
dot1x max-start 

no dot1x max-start

Variable definitions
This table describes the variables used in the dot1x max-start command.
Variable

Value

count(1-10)

Specifies the number of EAP retries to the
authenticator. Value ranges from 1 to 10.

Defaults
count

NN47928-100

3

Layer 2 commands

89

dot1x port-control
Use this command to configure the authenticator port control parameter. Precede this command
with no to set the authenticator port control state to force authorized.

Command mode
Interface configuration

Syntax
dot1x port-control {auto|force-authorized|force-unauthorized}

no dot1x port-control

Variable definitions
This table describes the variables used in the dot1x port-control command.
Variable

Value

auto

Enables 802.1x authentication on the interface and causes
the port to transition to the authorized or unauthorized state
based on the 802.1x authentication exchange between the
server and the client.

force-authorized

All the traffic is allowed without any restrictions.

force-unauthorized

All the traffic over the interface will be blocked.

Defaults
Force-authorized is enabled

Related commands
dot1x default
show dot1x

Commands Reference

90

Layer 2 commands

dot1x re-authenticate
Use this command to initiate re-authentication of all dot1x-enabled ports or the specified
dot1x-enabled port.

Command mode
Privileged EXEC

Syntax
dot1x re-authenticate [interface  ]

Variable definitions
This table describes the variables used in the dot1x re-authenticate command.
Variable

Value

interface

Specifies port number of the interface to
re-authenticate.

Defaults
dot1x is enabled by default.

Related commands
show dot1x

NN47928-100

Layer 2 commands

91

dot1x reauthentication
Use this command to enable periodic re-authentication from authenticator to client. Precede this
command with no to disable periodic re-authentication from authenticator to client.

Command mode
Interface configuration

Syntax
dot1x reauthentication

no dot1x reauthentication

Defaults
Periodic re-authentication is disabled

Related commands
dot1x default
dot1x timeout
show dot1x

Commands Reference

92

Layer 2 commands

dot1x system-auth-control
Use this command to enable dot1x in the switch. Precede this command with no to disable dot1x
in the switch

Command mode
Global configuration

Syntax
dot1x system-auth-control

no dot1x system-auth-control

Defaults
dot1x is enabled

Related commands
show dot1x
shutdown dot1x

NN47928-100

Layer 2 commands

93

dot1x timeout
Use this command to set the dot1x timers. Precede this command with no to set the dot1x timers
to the default values.

Command mode
Interface configuration

Syntax
dot1x timeout {quiet-period  | {reauth-period |
server-timeout | supp-timeout | tx-period | start-period | held-period |
auth-period }}

no dot1x timeout {quiet-period | reauth-period | server-timeout |
supp-timeout | tx-period | start-period | held-period | auth-period}

Variable definitions
This table describes the variables used in the dot1x timeout command.
Variable

Value

auth-period

Specifies the number of seconds that the supplicant waits
before timing-out the authenticator.

held-period

Specifies the number of seconds that the supplicant waits
before trying to acquire the authenticator.

quiet-period

Specifies the number of seconds that the switch remains in
the quiet state following a failed authentication exchange with
the client.

reauth-period

Specifies the number of seconds between re-authentication
attempts.

server-timeout

Specifies the number of seconds that the switch waits for the
retransmission of packets by the switch to the authentication
server.

start-period

Specifies the number of seconds that the supplicant waits
between successive retries to the authenticator.

supp-timeout

Specifies the number of seconds that the switch waits for the
retransmission of packets by the switch to the client.

tx-period

Specifies the number of seconds that the switch waits for a
response to an EAP-request/identity frame from the client
before retransmitting the request.

Commands Reference

94

Layer 2 commands

Defaults
quiet-period

60 seconds

reauth-period

3600 seconds

server-timeout

30 seconds

supp-timeout

30 seconds

tx-period

30 seconds

start-period

30 seconds

held-period

60 seconds

auth-period

30 seconds

Related commands
dot1x default
dot1x max-req
dot1x reauthentication
show dot1x

NN47928-100

Layer 2 commands

95

set nas-id
Use this command to set the dot1x network access server id.

Command mode
Global configuration

Syntax
set nas-id 

Variable definitions
This table describes the variables used in the set nas-id command.
Variable

Value

identifier

Specifies the dot1x network access server ID of string length
16.

Defaults
fsNas1

Related commands
show dot1x

Commands Reference

96

Layer 2 commands

show dot1x
Use this command to display dot1x information.

Command mode
Privileged EXEC or User EXEC

Syntax
show dot1x [{interface   | statistics
interface   | supplicant-statistics
interface  |local-database | mac-info
[address ] |mac-statistics [address
] | all }]

Variable definitions
This table describes the variables used in the show dot1x command.
Variable

Value

all

Specifies the dot1x status for all interfaces.

interface

Specifies the dot1x status for the specified interface.

local-database

Specifies the dot1x authentication server database with user
name and password.

mac-info

Specifies the dot1x MAC information for the interface with
the specified MAC address.

mac-statistics

Specifies the dot1x MAC statistics for the interface with the
specified MAC address.

statistics interface

Specifies the dot1x authenticator statistics for the switch or
the specified interface.

supplicant-statistics interface

Specifies the dot1x supplicant statistics for the switch or the
specified interface.

Related commands
dot1x default

NN47928-100

Layer 2 commands

97

shutdown dot1x
Use this command to shut down dot1x capability. Precede this command with no to start and
enable dot1x capability.

Command mode
Global configuration

Syntax
shutdown dot1x

no shutdown dot1x

Related commands
dot1x system-auth-control
show dot1x

Commands Reference

98

Layer 2 commands

Remote Authentication Dial-in User Service commands
Remote Authentication Dial-in User Service (RADIUS) is a client and server protocol and
software that enables remote access servers to communicate with a central server to authenticate
dial-in users and authorize their access to the requested system or service. It is commonly used for
embedded network devices such as routers, modem servers, and switches. RADIUS is the
accepted standard for remote authentication. It is prevalent in both new and legacy systems and
provides the following benefits:
•
•

facilitates centralized user administration.
consistently provides some level of protection against an active attacker.

RADIUS commands navigation
•
•
•
•

debug radius (page 99)
radius-server host (page 100)
show radius server (page 101)
show radius statistics (page 102)

NN47928-100

Layer 2 commands

99

debug radius
Use this command to enable the RADIUS debugging options. Precede this command with no to
disable the RADIUS debugging options.

Command mode
Privileged EXEC

Syntax
debug radius {all | errors | events | packets | responses | timers}

no debug radius

Variable definitions
This table describes the variables used in the debug radius command.
Variable

Value

all

Enables all the RADIUS server messages.

errors

Enables error code debug messages.

events

Enables events related messages.

packets

Enables the packets related messages.

responses

Enables the server response related messages.

timers

Enables the timer related messages.

Defaults
Debugging is disabled

Related commands
show radius server

Commands Reference

100

Layer 2 commands

radius-server host
Use this command to configure the RADIUS client with the parameters which include host,
timeout, key, and retransmit. Precede this command with no to delete the RADIUS server
configuration.

Command mode
Global configuration

Syntax
radius-server host  [timeout <1-120>] [retransmit <1-254>]
key 

no radius-server host 

Variable definitions
This table describes the variables used in the radius-server host command.
Variable

Value

timeout

Specifies the time period in seconds for which a
client will wait for a response from the server before
re-transmitting the request.

retransmit

Specifies the maximum number of attempts the client
undertakes to contact the server.

key

Specifies the per-server encryption key. Specifies
the authentication and encryption key for all RADIUS
communications between the authenticator and the
RADIUS server. The string length is 46.

Defaults
timeout

10 seconds

retransmit

3 attempts

key

empty string

Related commands
aaa authentication dot1x default
show radius server
show radius statistics

NN47928-100

Layer 2 commands

101

show radius server
Use this command to display RADIUS server configuration.

Command mode
Privileged EXEC or User EXEC

Syntax
show radius server

Related commands
radius-server host

Commands Reference

102

Layer 2 commands

show radius statistics
Use this command to display RADIUS server statistics.

Command mode
Privileged EXEC or User EXEC

Syntax
show radius statistics

Related commands
radius-server host

NN47928-100

Layer 2 commands

103

TACACS commands
Terminal Access Controller Access Control System (TACACS) is a client and server protocol that
enables remote access servers to communicate with a central server to authenticate dial-in users
and authorize their access to the requested system or service. Use this command to provide
Network Access Security (NAS), which ensures secure access from remotely connected users.
TACACS implements the TACACS client and provides the Authentication, Authorization, and
Accounting (AAA) functionalities.

TACACS commands navigation
•
•
•
•
•

debug tacacs (page 104)
show tacacs (page 105)
tacacs-server host (page 106)
tacacs-server retransmit (page 107)
tacacs use-server address (page 108)

Commands Reference

104

Layer 2 commands

debug tacacs
Use this command to set the debug trace level for TACACS client module. Precede the command
with no to disable the debug trace level for TACACS client module.

Command mode
Privileged EXEC mode

Syntax
debug tacacs { all | info | errors | dumptx | dumprx }

no debug tacacs

Variable definitions
This table describes the variables used in the debug tacacs command.
Variable

Value

all

Displays all TACACS debug messages.

info

Displays TACACS server information messages.

errors

Displays error code debug messages.

dumptx

Displays transmitted packet dump messages.

dumprx

Displays received packet dump messages.

Defaults
Debugging is disabled

NN47928-100

Layer 2 commands

105

show tacacs
Use this command to view the statistical log information and server for TACACS+ client.

Command mode
Privileged EXEC or User EXEC

Syntax
show tacacs

Related commands
show tacacs
tacacs use-server address

Commands Reference

106

Layer 2 commands

tacacs-server host
Use this command to configure host, timeout, and key in the TACACS server. Precede this
command with no to delete the server entry from the TACACS server table.

Command mode
Global configuration mode.

Syntax
tacacs-server host  [single-connection] [port ] [timeout

Navigation menu