Catalyst Supervisor Engine 32 PISA IOS Command Reference 12.2ZY
User Manual: Catalyst Supervisor Engine 32 PISA IOS Command Reference 12.2ZY
Open the PDF directly: View PDF .
Page Count: 1396
Download | |
Open PDF In Browser | View PDF |
Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference Release 12.2ZY Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. CCVP, the Cisco Logo, and the Cisco Square Bridge logo are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, BPX, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, IP/TV, iQ Expertise, the iQ logo, iQ Net Readiness Scorecard, iQuick Study, LightStream, Linksys, MeetingPlace, MGX, Networking Academy, Network Registrar, Packet, PIX, ProConnect, RateMUX, ScriptShare, SlideCast, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0704R) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference Copyright ©2007 Cisco Systems, Inc. All rights reserved. CONTENTS Preface xxv Audience xxv Organization xxv Related Documentation Conventions xxvi xxvi Obtaining Documentation, Obtaining Support, and Security Guidelines CHAPTER 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA 1-1 Getting Help 1-1 How to Find Command Options 1-2 Understanding Command Modes 1-5 Using the No and Default Forms of Commands Using the CLI String Search 2 1-7 1-7 Saving Configuration Changes CHAPTER xxvii 1-11 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA 2-1 action apply 2-2 2-4 arp access-list attach 2-5 2-8 auto-sync 2-10 bgp regexp deterministic boot config 2-13 boot system 2-15 bridge-domain cd 2-11 2-18 2-20 channel-group channel-protocol class-map 2-22 2-25 2-26 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 iii Contents class-map type multicast-flows class (policy-map) 2-28 2-30 clear cable-diagnostics tdr 2-33 clear catalyst6000 traffic-meter clear counters 2-34 2-35 clear fm netflow counters 2-37 clear interface gigabitethernet clear interface vlan 2-38 2-39 clear ip access-template 2-40 clear ip arp inspection log 2-41 clear ip arp inspection statistics clear ip auth-proxy watch-list clear ip cef epoch full 2-43 2-44 clear ip cef inconsistency clear ip dhcp snooping clear ip flow stats 2-42 2-46 2-47 2-48 clear ip igmp group 2-49 clear ip igmp snooping statistics clear ip mroute 2-51 2-52 clear ip msdp peer 2-54 clear ip msdp sa-cache 2-55 clear ip msdp statistics 2-56 clear ip pim auto-rp 2-57 clear ip pim snooping statistics clear ip pim snooping vlan clear lacp counters 2-58 2-59 2-61 clear logging ip access-list cache 2-62 clear mac-address-table dynamic 2-63 clear mls acl counters 2-65 clear mls cef ip accounting per-prefix 2-67 clear mls cef ipv6 accounting per-prefix clear mls ip multicast bidir-rpcache clear mls ip multicast group 2-69 2-70 clear mls ip multicast statistics clear mls nde flow counters 2-68 2-71 2-72 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference iv OL-11437-01 Contents clear mls netflow clear mls qos 2-73 2-76 clear mls statistics clear mls stats clear pagp 2-78 2-79 2-80 clear platform netint 2-81 clear port-security 2-82 clear spanning-tree detected-protocol clear top counters interface report clear vlan counters clock 2-86 2-87 2-88 collect top counters interface control-plane copy /noverify 2-94 2-97 diagnostic bootup level diagnostic cns 2-90 2-92 define interface-range 2-99 2-101 diagnostic event-log size diagnostic monitor 2-103 2-104 diagnostic ondemand 2-107 diagnostic schedule test diagnostic start 2-111 diagnostic stop 2-113 disconnect qdm 2-114 do 2-84 2-108 2-115 dot1x default dot1x max-req 2-116 2-117 dot1x multi-hosts 2-118 dot1x port-control 2-119 dot1x reauthentication 2-121 dot1x system-auth-control dot1x timeout duplex 2-122 2-123 2-125 eigrp event-log-size 2-127 encapsulation dot1q 2-128 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 v Contents encapsulation isl erase 2-129 2-130 errdisable detect cause errdisable recovery 2-132 2-134 error-detection packet-buffer action file verify auto flowcontrol format fsck 2-136 2-138 2-139 2-141 2-144 hold-queue 2-147 hw-module boot 2-149 hw-module fan-tray version 2-150 hw-module oversubscription hw-module reset 2-151 2-152 hw-module shutdown 2-153 hw-module simulate link-up instance 2-155 interface 2-157 interface port-channel interface range interface vlan 2-154 2-160 2-162 2-164 inter-packet gap 6502-mode 2-165 ip access-list hardware permit fragments ip arp inspection filter vlan ip arp inspection limit 2-167 2-169 ip arp inspection log-buffer ip arp inspection trust 2-171 2-173 ip arp inspection validate ip arp inspection vlan 2-174 2-176 ip arp inspection vlan logging 2-177 ip auth-proxy max-login-attempts ip auth-proxy watch-list ip casa 2-166 2-179 2-181 2-183 ip cef load-sharing algorithm ip cef table consistency-check 2-184 2-185 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference vi OL-11437-01 Contents ip dhcp relay information option trust-all ip dhcp relay information trust ip dhcp route connected ip dhcp snooping 2-188 2-189 2-190 ip dhcp snooping binding 2-191 ip dhcp snooping database 2-193 ip dhcp snooping information option ip dhcp snooping limit rate 2-195 2-197 ip dhcp snooping packets 2-198 ip dhcp snooping verify mac-address ip dhcp snooping vlan ip flow-cache entries 2-202 2-204 2-206 ip flow-export destination 2-207 ip flow-export hardware version ip flow-export interface 2-209 2-210 ip flow-export source 2-211 ip flow-export version 2-213 ip flow ingress 2-199 2-200 ip flow-aggregation cache ip flow-export 2-215 ip flow layer2-switched 2-216 ip forward-protocol turbo-flood 2-217 ip igmp immediate-leave group-list 2-219 ip igmp last-member-query-interval 2-220 ip igmp snooping 2-187 2-222 ip igmp snooping explicit-tracking ip igmp snooping fast-leave ip igmp snooping flooding 2-224 2-226 2-228 ip igmp snooping l2-entry-limit 2-229 ip igmp snooping last-member-query-interval ip igmp snooping limit track ip igmp snooping mrouter ip igmp snooping querier ip igmp snooping rate 2-230 2-232 2-233 2-235 2-237 ip igmp snooping report-suppression 2-238 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 vii Contents ip igmp snooping source-only-learning age-timer ip igmp ssm-map 2-240 ip local-proxy-arp 2-242 ip mroute 2-239 2-243 ip msdp border 2-245 ip msdp cache-sa-state 2-247 ip msdp default-peer 2-248 ip msdp description 2-250 ip msdp filter-sa-request 2-251 ip msdp mesh-group 2-253 ip msdp originator-id 2-254 ip msdp peer 2-255 ip msdp redistribute 2-257 ip msdp sa-filter in 2-259 ip msdp sa-filter out 2-261 ip msdp sa-request 2-263 ip msdp shutdown 2-265 ip msdp ttl-threshold 2-266 ip multicast boundary 2-267 ip multicast cache-headers 2-269 ip multicast helper-map 2-271 ip multicast mrinfo-filter 2-273 ip multicast multipath 2-274 ip multicast netflow 2-275 ip multicast route-limit ip multicast-routing 2-276 2-277 ip multicast rpf backoff 2-278 ip multicast rpf interval 2-280 ip pim accept-register ip pim accept-rp 2-281 2-282 ip pim bidir-enable 2-284 ip pim bsr-candidate 2-286 ip pim register-rate-limit ip pim register-source ip pim rp-announce-filter 2-288 2-289 2-290 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference viii OL-11437-01 Contents ip pim rp-candidate 2-291 ip pim send-rp-announce 2-293 ip pim send-rp-discovery 2-295 ip pim snooping (global configuration mode) 2-296 ip pim snooping (interface configuration mode) ip pim snooping dr-flood ip pim spt-threshold ip pim ssm 2-298 2-299 2-300 ip pim state-refresh disable ip rgmp 2-297 2-301 2-302 ip route-cache flow 2-304 ip sticky-arp (global configuration) 2-306 ip sticky-arp (interface configuration) ip unnumbered 2-308 2-309 ipv6 mfib-cef 2-311 ipv6 mfib hardware-switching ipv6 mld snooping 2-312 2-313 ipv6 mld snooping explicit-tracking 2-314 ipv6 mld snooping last-member-query-interval ipv6 mld snooping limit 2-318 ipv6 mld snooping mrouter 2-320 ipv6 mld snooping querier 2-321 ipv6 mld snooping report-suppression ip verify unicast reverse-path ip wccp redirect 2-329 2-331 2-333 l2protocol-tunnel cos 2-335 l2protocol-tunnel drop-threshold 2-336 l2protocol-tunnel global drop-threshold l2protocol-tunnel shutdown-threshold l2 vfi manual 2-325 2-327 ip wccp web-cache accelerated l2protocol-tunnel 2-322 2-323 ip verify unicast source reachable-via ip wccp group-listen 2-316 2-338 2-339 2-341 lacp max-bundle 2-342 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 ix Contents lacp port-priority lacp rate 2-343 2-344 lacp system-priority line 2-345 2-346 link debounce 2-348 load-interval 2-350 logging event link-status (global configuration) 2-352 logging event link-status (interface configuration) logging event subif-link-status 2-354 2-355 logging ip access-list cache (global configuration mode) logging ip access-list cache (interface configuration mode) mac access-list extended mac-address-table learning 2-364 2-366 2-368 mac-address-table notification mac-move mac-address-table notification threshold mac-address-table static 2-371 2-376 2-377 mac packet-classify use vlan match 2-370 2-373 mac-address-table synchronize mac packet-classify 2-359 2-361 mac-address-table aging-time mac-address-table limit 2-357 2-379 2-380 match protocol 2-382 maxconns (real server configuration submode) maximum-paths mdix auto mdt data 2-383 2-385 2-386 2-388 mdt default mdt log-reuse media-type mkdir disk0: 2-389 2-390 2-391 2-392 mls aclmerge algorithm 2-393 mls acl tcam default-result mls acl tcam share-global mls aging fast 2-395 2-396 2-397 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference x OL-11437-01 Contents mls aging long 2-398 mls aging normal 2-399 mls cef maximum-routes 2-400 mls cef tunnel fragment mls erm priority 2-403 mls exclude protocol mls flow mls ip 2-402 2-405 2-407 2-408 mls ip acl port expand 2-409 mls ip cef accounting per-prefix mls ip cef load-sharing mls ip cef rate-limit 2-410 2-411 2-413 mls ip cef rpf hw-enable-rpf-acl mls ip cef rpf interface-group 2-415 mls ip cef rpf multipath 2-416 mls ip delete-threshold 2-417 mls ip directed-broadcast mls ip inspect 2-414 2-418 2-420 mls ip install-threshold 2-421 mls ip multicast (global configuration mode) mls ip multicast (interface configuration mode) mls ip multicast bidir gm-scan-interval mls ip multicast connected mls ip multicast flow-stat-timer 2-425 2-428 2-430 mls ip multicast replication-mode 2-431 2-432 mls ip multicast stub 2-433 mls ip multicast threshold 2-435 mls ip nat netflow-frag-l4-zero mls ip pbr 2-424 2-426 mls ip multicast consistency-check mls ip multicast sso 2-422 2-436 2-437 mls ip reflexive ndr-entry tcam 2-438 mls ipv6 acl compress address unicast mls ipv6 acl source 2-439 2-441 mls mpls (recirculation) 2-442 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 xi Contents mls mpls (guaranteed bandwidth traffic engineering) mls nde flow 2-446 mls nde interface mls nde sender mls netflow 2-448 2-450 2-451 mls netflow maximum-flows mls netflow sampling 2-452 2-453 mls netflow usage notify 2-454 mls qos (global configuration mode) 2-455 mls qos (interface configuration mode) mls qos aggregate-policer mls qos bridged 2-457 2-458 2-460 mls qos channel-consistency mls qos cos 2-444 2-461 2-462 mls qos cos-mutation 2-463 mls qos dscp-mutation mls qos exp-mutation mls qos loopback 2-464 2-465 2-466 mls qos map cos-dscp 2-467 mls qos map cos-mutation 2-468 mls qos map dscp-cos 2-470 mls qos map dscp-exp 2-472 mls qos map dscp-mutation mls qos map exp-dscp 2-473 2-475 mls qos map exp-mutation 2-476 mls qos map ip-prec-dscp 2-478 mls qos map policed-dscp 2-480 mls qos marking ignore port-trust mls qos marking statistics mls qos mpls trust exp mls qos police redirected mls qos protocol 2-482 2-483 2-484 2-485 2-486 mls qos queueing-only 2-488 mls qos queue-mode mode-dscp mls qos rewrite ip dscp 2-489 2-490 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference xii OL-11437-01 Contents mls qos statistics-export (global configuration mode) mls qos statistics-export (interface configuration mode) mls qos statistics-export aggregate-policer mls qos statistics-export class-map 2-500 2-502 2-503 mls qos trust extend 2-505 mls qos vlan-based mls rate-limit all 2-507 2-508 mls rate-limit layer2 2-509 mls rate-limit multicast ipv4 2-511 mls rate-limit multicast ipv6 2-513 mls rate-limit unicast acl 2-516 mls rate-limit unicast cef 2-518 mls rate-limit unicast ip 2-520 mls rate-limit unicast l3-features mls rate-limit unicast vacl-log 2-523 2-524 mls rp ip (global configuration mode) 2-526 mls rp ip (interface configuration mode) mls rp ipx (global configuration mode) mls rp ipx (interface configuration mode) mls rp management-interface mls rp nde-address mls rp vlan-id 2-529 2-530 2-533 2-534 mls switching 2-536 mls switching unicast mode 2-528 2-531 mls sampling mobility 2-527 2-532 mls rp vtp-domain mls verify 2-495 2-499 mls qos statistics-export destination mls qos trust 2-493 2-497 mls qos statistics-export delimiter mls qos statistics-export interval 2-492 2-537 2-538 2-540 2-542 mode dot1q-in-dot1q access-gateway monitor event-trace (EXEC) 2-544 2-547 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 xiii Contents monitor event-trace (global configuration) monitor permit-list monitor session 2-553 2-555 monitor session type 2-560 mpls l2transport route 2-565 mpls load-balance per-label mpls ttl-dec mtu 2-550 2-567 2-568 2-569 name (MST configuration submode) neighbor net 2-574 nsf 2-576 2-571 2-573 pagp learn-method 2-579 pagp port-priority 2-580 platform ip features sequential 2-581 platform ipv6 acl icmp optimize neighbor-discovery platform scp retry interval 2-585 platform vfi dot1q-transparency police (policy map) police rate 2-590 policy-map 2-592 port access-map 2-586 2-587 2-595 port-channel load-balance 2-597 port-channel load-balance mpls port-channel min-links 2-599 2-601 port-channel per-module load-balance power enable power inline 2-602 2-603 2-604 power redundancy-mode priority-queue cos-map 2-605 2-606 priority-queue queue-limit private-vlan 2-583 2-608 2-609 private-vlan mapping 2-612 private-vlan synchronize process-min-time percent 2-614 2-615 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference xiv OL-11437-01 Contents rcv-queue bandwidth 2-617 rcv-queue cos-map 2-618 rcv-queue queue-limit 2-620 rcv-queue random-detect rcv-queue threshold reassign 2-621 2-623 2-625 redundancy 2-626 redundancy force-switchover reload 2-629 remote command 2-631 remote login 2-632 remote-span 2-634 reset 2-635 retry 2-636 revision 2-637 rmon alarm 2-638 rmon event 2-640 route-converge-interval router 2-628 2-642 2-644 scheduler allocate 2-645 service counters max age service-policy 2-646 2-647 service-policy (control-plane) session slot 2-648 2-650 set cos cos-inner (policy-map configuration) set ip dscp (policy-map configuration) 2-653 set ip precedence (policy-map configuration) set mpls experimental set qos-group show 2-651 2-655 2-657 2-658 2-659 show adjacency show arp 2-661 2-664 show asic-version show bootflash: show bootvar 2-665 2-666 2-668 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 xv Contents show cable-diagnostics tdr show catalyst6000 2-671 2-673 show cdp neighbors 2-675 show cef interface policy-statistics show class-map 2-679 show counters interface show diagnostic 2-680 2-683 show diagnostic cns 2-688 show diagnostic sanity show dot1q-tunnel show dot1x 2-689 2-694 2-695 show dss log 2-698 show environment alarm 2-699 show environment cooling show environment status 2-702 2-703 show environment temperature show eobc 2-706 2-708 show erm statistics 2-711 show errdisable detect 2-712 show errdisable flap-value show errdisable recovery show etherchannel show fm features show fm insp 2-713 2-714 2-715 2-720 show fm inband-counters 2-722 2-723 show fm interface 2-724 show fm ipv6 traffic-filter 2-727 show fm nat netflow data 2-731 show fm reflexive 2-732 show fm summary 2-733 show fm vlan show icc 2-678 2-734 2-736 show idprom show interfaces 2-738 2-742 show interfaces accounting 2-745 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference xvi OL-11437-01 Contents show interfaces capabilities show interfaces counters 2-747 2-750 show interfaces debounce 2-753 show interfaces description 2-755 show interfaces flowcontrol 2-756 show interfaces private-vlan mapping show interfaces status 2-759 2-760 show interfaces summary 2-762 show interfaces switchport 2-764 show interfaces switchport backup show interfaces transceiver show interfaces trunk 2-766 2-768 2-771 show interfaces unidirectional 2-774 show interfaces vlan mapping 2-776 show ip arp inspection 2-777 show ip arp inspection log 2-780 show ip auth-proxy watch-list show ipc 2-782 2-783 show ip cache flow 2-785 show ip cache verbose flow show ip cef epoch 2-793 show ip cef inconsistency show ip cef summary show ip cef vlan 2-789 2-795 2-797 2-798 show ip dhcp relay information trusted-sources show ip dhcp snooping 2-800 show ip dhcp snooping binding show ip dhcp snooping database show ip flow-export show ip igmp groups show ip igmp interface 2-799 2-802 2-805 2-807 2-809 2-812 show ip igmp snooping explicit-tracking show ip igmp snooping mrouter 2-814 2-815 show ip igmp snooping rate-limit 2-816 show ip igmp snooping statistics 2-817 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 xvii Contents show ip igmp udlr 2-819 show ip interface 2-821 show ip mcache 2-824 show ip mds interface show ip mpacket 2-826 2-827 show ip mroute 2-829 show ip mroute bidirectional show ip msdp count 2-834 2-836 show ip msdp peer 2-838 show ip msdp sa-cache 2-840 show ip msdp summary 2-842 show ip nhrp 2-843 show ip pim bsr-router 2-846 show ip pim interface df show ip pim mdt bgp 2-848 2-849 show ip pim mdt history 2-850 show ip pim mdt receive 2-851 show ip pim mdt send 2-853 show ip pim neighbor 2-854 show ip pim rp-hash 2-856 show ip pim rp mapping show ip pim snooping show ip rpf events show ip wccp 2-858 2-860 2-864 2-865 show ipv6 mfib 2-867 show ipv6 mld snooping show l2protocol-tunnel show l3-mgr show lacp 2-873 2-875 2-877 2-879 show logging ip access-list show mac-address-table 2-882 2-884 show mac-address-table learning show memory dead show mls asic show mls cef 2-890 2-894 2-896 2-897 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference xviii OL-11437-01 Contents show mls cef adjacency 2-902 show mls cef exact-route 2-907 show mls cef exception 2-908 show mls cef hardware 2-910 show mls cef inconsistency show mls cef ip 2-912 2-914 show mls cef ip multicast show mls cef ipv6 2-918 2-925 show mls cef logging 2-928 show mls cef lookup 2-929 show mls cef maximum-routes show mls cef mpls 2-932 show mls cef rpf 2-933 show mls cef statistics 2-934 show mls cef summary 2-935 show mls cef vrf 2-937 show mls df-table show mls ip 2-930 2-939 2-940 show mls ip cef rpf-table show mls ip multicast 2-943 2-944 show mls ip multicast bidir 2-947 show mls ip multicast rp-mapping show mls ip multicast sso show mls ip non-static show mls ip routes show mls ip static 2-949 2-951 2-952 2-954 show mls ip statistics show mls nde 2-955 2-956 show mls netflow 2-957 show mls netflow ip 2-960 show mls netflow ip sw-installed show mls netflow ipv6 show mls qos 2-948 2-965 2-967 2-970 show mls qos free-agram show mls qos maps 2-974 2-975 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 xix Contents show mls qos mpls 2-977 show mls qos protocol 2-979 show mls qos statistics-export info show mls rate-limit 2-982 show mls sampling 2-985 show mls statistics 2-986 show mls table-contention 2-988 show mmls igmp explicit-tracking show mmls msc 2-990 2-991 show mobility 2-996 show module 2-998 show monitor permit-list show monitor session 2-1001 2-1002 show mpls l2transport vc show mpls platform show mpls ttfib show pagp 2-980 2-1006 2-1010 2-1013 2-1014 show platform 2-1016 show platform hardware capacity show platform pisa np 2-1020 2-1026 show platform software ipv6-multicast show policy-map 2-1036 show policy-map control-plane show policy-map interface show port-security show power 2-1040 2-1042 2-1048 show qm-sp port-data 2-1049 show queueing interface show redundancy show rom-monitor 2-1051 2-1053 2-1056 2-1057 show running-config show scp 2-1038 2-1044 show qdm status show rpc 2-1033 2-1059 2-1061 show snmp mib ifmib ifindex 2-1062 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference xx OL-11437-01 Contents show spanning-tree 2-1064 show spanning-tree mst 2-1070 show standby delay 2-1074 show sup-bootflash 2-1075 show system jumbomtu show tcam counts 2-1078 2-1079 show tcam interface 2-1081 show tech-support 2-1084 show top counters interface report show udld 2-1089 show version show vlan 2-1091 2-1093 show vlan access-log 2-1097 show vlan access-map show vlan counters 2-1099 2-1100 show vlan dot1q tag native show vlan filter 2-1101 2-1102 show vlan internal usage show vlan mapping 2-1107 show vlan remote-span 2-1109 2-1110 show vlan virtual-port show vtp 2-1104 2-1106 show vlan private-vlan show vlans 2-1087 2-1112 2-1114 shutdown vlan 2-1117 snmp ifindex clear snmp ifindex persist 2-1118 2-1120 snmp-server enable traps 2-1122 snmp-server enable traps transceiver type all snmp-server ifindex persist 2-1124 2-1125 snmp-server source-interface 2-1127 snmp-server trap authentication unknown-context snmp-server trap link switchover spanning-tree backbonefast spanning-tree bpdufilter 2-1129 2-1130 2-1131 2-1132 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 xxi Contents spanning-tree bpduguard spanning-tree cost 2-1134 2-1135 spanning-tree etherchannel guard misconfig spanning-tree extend system-id spanning-tree guard 2-1138 2-1139 spanning-tree link-type 2-1140 spanning-tree loopguard default spanning-tree mode spanning-tree mst 2-1136 2-1141 2-1142 2-1143 spanning-tree mst configuration 2-1145 spanning-tree mst forward-time 2-1147 spanning-tree mst hello-time 2-1148 spanning-tree mst max-age 2-1149 spanning-tree mst max-hops 2-1150 spanning-tree mst pre-standard spanning-tree mst root 2-1151 2-1153 spanning-tree pathcost method 2-1155 spanning-tree portfast (interface configuration mode) spanning-tree portfast bpdufilter default spanning-tree portfast bpduguard default spanning-tree portfast default spanning-tree port-priority spanning-tree vlan speed 2-1158 2-1160 2-1161 2-1162 spanning-tree transmit hold-count spanning-tree uplinkfast 2-1156 2-1163 2-1164 2-1166 2-1168 squeeze 2-1171 stack-mib portname 2-1172 standby delay minimum reload standby track 2-1175 standby use-bia 2-1177 storm-control level switchport 2-1173 2-1178 2-1180 switchport access vlan 2-1182 switchport autostate exclude 2-1184 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference xxii OL-11437-01 Contents switchport backup 2-1186 switchport block unicast switchport capture 2-1188 2-1189 switchport capture allowed vlan switchport dot1q ethertype switchport mode 2-1191 2-1193 2-1195 switchport port-security 2-1197 switchport port-security aging 2-1198 switchport port-security mac-address switchport port-security maximum switchport port-security violation 2-1200 2-1202 2-1204 switchport private-vlan host-association switchport private-vlan mapping switchport trunk 2-1207 2-1209 switchport vlan mapping 2-1212 switchport vlan mapping enable switchport voice vlan sync-restart-delay 2-1215 2-1217 2-1219 system flowcontrol bus system jumbomtu tcam priority 2-1220 2-1221 2-1223 test cable-diagnostics time-range 2-1225 2-1227 traceroute mac 2-1229 track interface 2-1233 transceiver type all monitoring 2-1235 tunnel udlr address-resolution 2-1236 tunnel udlr receive-only tunnel udlr send-only udld 2-1206 2-1238 2-1240 2-1242 udld port udld reset 2-1244 2-1246 udp-port 2-1247 undelete 2-1248 unidirectional 2-1250 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 xxiii Contents upgrade rom-monitor username secret verify 2-1252 2-1254 2-1255 vlan (config-VLAN submode) 2-1258 vlan (global configuration mode) vlan access-log 2-1264 vlan access-map vlan database 2-1266 2-1268 vlan dot1q tag native vlan filter 2-1270 2-1272 vlan internal allocation policy vlan mapping dot1q vtp 2-1262 2-1274 2-1276 2-1278 wrr-queue 2-1281 wrr-queue cos-map wrr-queue dscp-map wrr-queue queue-limit 2-1285 2-1286 2-1287 wrr-queue random-detect 2-1289 wrr-queue shape 2-1291 wrr-queue threshold 2-1293 APPENDIX A Acronyms APPENDIX B Acknowledgments for Open-Source Software A-1 B-1 INDEX Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference xxiv OL-11437-01 Preface This preface describes the audience, organization, and conventions of this publication, and provides information on how to obtain related documentation. Audience This publication is for experienced network administrators who are responsible for configuring and maintaining Catalyst 6500 series switches that are configured with the Supervisor Engine 32 and the Programmable Intelligent Services Adapter (PISA). Organization This publication is organized as follows: Chapter Title Description Chapter 1 Command-Line Interface for the Describes the Catalyst 6500 series switch CLI. Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Lists alphabetically and provides detailed information for Cisco IOS commands specific to the Catalyst 6500 series switches that are configured with the Supervisor Engine 32 and the PISA. Appendix A Acronyms Defines the acronyms used in this publication. Appendix B Acknowledgments for Open-Source Software Provides acknowledgments for Cisco IOS software. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 xxv Preface Related Documentation Related Documentation The Catalyst 6500 series switch Cisco IOS documentation set includes these documents: • Catalyst Supervisor Engine 32 PISA Cisco IOS Software Module Installation Guide • Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide • Catalyst Supervisor Engine 32 PISA Cisco IOS Software System Message Guide • Release Notes for Cisco IOS Release 12.2ZY on the Supervisor Engine 32 PISA The Cisco IOS documentation set includes these documents: • Configuration Fundamentals Configuration Guide • Command Reference For information about MIBs, refer to this URL: http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml Conventions This document uses the following conventions: Convention Description boldface font Commands, command options, and keywords are in boldface. italic font Arguments for which you supply values are in italics. [ ] Elements in square brackets are optional. {x|y|z} Alternative keywords are grouped in braces and separated by vertical bars. Braces can also be used to group keywords and/or aguments; for example, {interface interface type}. [x|y|z] Optional alternative keywords are grouped in brackets and separated by vertical bars. string A nonquoted set of characters. Do not use quotation marks around the string or the string will include the quotation marks. screen font Terminal sessions and information the system displays are in font. screen boldface screen Information you must enter is in boldface screen font. font italic screen font Arguments for which you supply values are in italic screen font. ^ The symbol ^ represents the key labeled Control—for example, the key combination ^D in a screen display means hold down the Control key while you press the D key. < > Nonprinting characters, such as passwords are in angle brackets. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference xxvi OL-11437-01 Preface Obtaining Documentation, Obtaining Support, and Security Guidelines Convention Description [ ] Default responses to system prompts are in square brackets. !, # An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line. Notes use the following conventions: Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication. Cautions use the following conventions: Caution Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data. Obtaining Documentation, Obtaining Support, and Security Guidelines For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What’s New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference OL-11437-01 xxvii Preface Obtaining Documentation, Obtaining Support, and Security Guidelines Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference xxviii OL-11437-01 C H A P T E R 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA This chapter provides information for understanding and using command-line interface (CLI) for the Supervisor Engine 32 and the Programmable Intelligent Services Accelerator (PISA). This chapter consists of these sections: . This chapter includes the following sections: • Getting Help, page 1-1 • How to Find Command Options, page 1-2 • Understanding Command Modes, page 1-5 • Using the No and Default Forms of Commands, page 1-7 • Using the CLI String Search, page 1-7 • Saving Configuration Changes, page 1-11 For an overview of the Catalyst 6500 series switch Cisco IOS software configuration, refer to the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide. Getting Help To obtain a list of commands that are available for each command mode, enter a question mark (?) at the system prompt. You also can obtain a list of any command’s associated keywords and arguments with the context-sensitive help feature. Table 1-1 lists commands that you can enter to get help that is specific to a command mode, a command, a keyword, or an argument. Table 1-1 Getting Help Command Purpose abbreviated-command-entry? Obtain a list of commands that begin with a particular character string. (Do not leave a space between the command and question mark.) abbreviated-command-entryComplete a partial command name. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 1-1 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA How to Find Command Options Table 1-1 Getting Help (continued) Command Purpose ? List all commands available for a particular command mode. command ? List a command’s associated keywords. Leave a space between the command and question mark. command keyword ? List a keyword’s associated arguments. Leave a space between the keyword and question mark. How to Find Command Options This section provides an example of how to display syntax for a command. The syntax can consist of optional or required keywords. To display keywords for a command, enter a question mark (?) at the configuration prompt or after entering part of a command followed by a space. The Catalyst 6500 series switch software displays a list of available keywords along with a brief description of the keywords. For example, if you are in global configuration mode and want to see all the keywords for the arap command, you enter arap ?. Table 1-2 shows examples of how you can use the question mark (?) to assist you in entering commands and also guides you through entering the following commands: Table 1-2 • interface gigabitethernet 1/1 • channel-group 1 mode auto How to Find Command Options Command Comment Router> enable Password: Router# Enter the enable command and password to access privileged EXEC commands. You are in privileged EXEC mode when the prompt changes to Router#. Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# Enter global configuration mode. You are in global configuration mode when the prompt changes to Router(config)#. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 1-2 OL-11437-01 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA How to Find Command Options Table 1-2 How to Find Command Options (continued) Command Comment Router(config)# interface gigabitethernet ? <1-9> GigabitEthernet interface number Router(config)# interface gigabitethernet 1/1 Router(config-if)# Enter interface configuration mode by specifying the Gigabit Ethernet interface that you want to configure using the interface gigabitethernet global configuration command. Enter a ? to display what you must enter next on the command line. In this example, you must enter an interface number from 1 to 9 in the format module-number/port-number. You are in interface configuration mode when the prompt changes to Router(config-if)#. Router(config-if)#? Interface configuration commands: access-expression Build a bridge boolean access expression apollo Apollo interface subcommands appletalk Appletalk interface subcommands arp Set arp type (arpa, probe, snap) or timeout backup Modify backup parameters bandwidth Set bandwidth informational parameter bgp-policy Apply policy propogated by bgp community string bridge-group Transparent bridging interface parameters carrier-delay Specify delay for interface transitions cdp CDP interface subcommands channel-group Etherchannel/port bundling configuration clns CLNS interface subcommands cmns OSI CMNS custom-queue-list Assign a custom queue list to an interface decnet Interface DECnet config commands default Set a command to its defaults delay Specify interface throughput delay description Interface specific description dlsw DLSw interface subcommands dspu Down Stream PU exit Exit from interface configuration mode fair-queue Enable Fair Queuing on an Interface flowcontrol Configure flow operation. fras DLC Switch Interface Command help Description of the interactive help system hold-queue Set hold queue depth ip Interface Internet Protocol config commands ipx Novell/IPX interface subcommands isis IS-IS commands iso-igrp ISO-IGRP interface subcommands Enter a ? to display a list of all the interface configuration commands available for the Gigabit Ethernet interface. . . . Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 1-3 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA How to Find Command Options Table 1-2 How to Find Command Options (continued) Command Comment Router(config-if)# channel-group ? group channel-group of the interface Enter the command that you want to configure for the controller. In this example, the channel-group command is used. Router(config-if)#channel-group Enter a ? to display what you must enter next on the command line. In this example, you must enter the group keyword. Because a is not displayed, it indicates that you must enter more information to complete the command. Router(config-if)# channel-group ? <1-256> Channel group number Router(config-if)#channel-group After you enter the group keyword, enter a ? to display what you must enter next on the command line. In this example, you must enter a channel group number from 1 to 256. Because a is not displayed, it indicates that you must enter more information to complete the command. Router(config-if)# channel-group 1 ? mode Etherchannel Mode of the interface Router(config-if)# After you enter the channel group number, enter a ? to display what you must enter next on the command line. In this example, you must enter the mode keyword. Because a is not displayed, it indicates that you must enter more information to complete the command. Router(config-if)# channel-group 1 mode ? auto Enable PAgP only if a PAgP device is detected desirable Enable PAgP unconditionally on Enable Etherchannel only Router(config-if)# After you enter the mode keyword, enter a ? to display what you must enter next on the command line. In this example, you must enter the auto, desirable, or on keyword. Because a is not displayed, it indicates that you must enter more information to complete the command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 1-4 OL-11437-01 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Understanding Command Modes Table 1-2 How to Find Command Options (continued) Command Comment Router(config-if)# channel-group 1 mode auto ? In this example, the auto keyword is entered. After you enter the auto keyword, enter a ? to display what you must enter next on the command line. Router(config-if)# Because a is displayed, it indicates that you can press Return to complete the command. If additional keywords are listed, you can enter more keywords or press Return to complete the command. Router(config-if)# channel-group 1 mode auto Router(config-if)# In this example, press Return to complete the command. Understanding Command Modes This section contains descriptions of the command modes for the Cisco IOS user interface. Cisco IOS User Interface The Cisco IOS user interface is divided into many different modes. The commands that are available to you depend on which mode you are currently in. You can obtain a list of commands that are available for each command mode by entering a question mark (?) at the system prompt. When you start a session on the Catalyst 6500 series switch, you begin in user mode, often called EXEC mode. Only a limited subset of the commands are available in EXEC mode. In order to have access to all commands, you must enter privileged EXEC mode. Normally, you must enter a password to enter privileged EXEC mode. From privileged EXEC mode, you can enter any EXEC command or enter global configuration mode. Most EXEC commands are one-time commands, such as show commands, which show the current status of a given item, and clear commands, which clear counters or interfaces. The EXEC commands are not saved across reboots of the Catalyst 6500 series switch. The configuration modes allow you to make changes to the running configuration. If you later save the configuration, these commands are stored across Catalyst 6500 series switch reboots. In order to get to the various configuration modes, you must start at global configuration mode where you can enter interface configuration mode, subinterface configuration mode, and a variety of protocol-specific modes. ROM-monitor mode is a separate mode that is used when the Catalyst 6500 series switch cannot boot properly. If your Catalyst 6500 series switch or access server does not find a valid system image when it is booting, or if its configuration file is corrupted at startup, the system might enter ROM-monitor mode. Table 1-3 provides a summary of the main command modes. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 1-5 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Understanding Command Modes Table 1-3 Summary of Main Command Modes Command Mode Access Method Prompt Exit Method User EXEC Log in. Router> Use the logout command. Privileged EXEC From user EXEC mode, enter the enable EXEC command. Router# To exit to user EXEC mode, enter the disable command. From privileged EXEC mode, enter the configure terminal privileged EXEC command. Router(config)# From global configuration mode, enter by specifying an interface with an interface command. Router(config-if)# Global configuration Interface configuration To enter global configuration mode, enter the configure terminal privileged EXEC command. To exit to privileged EXEC mode, enter the exit or end command or press Ctrl-Z. To enter interface configuration mode, enter an interface configuration command. To exit to global configuration mode, enter the exit command. To exit to privileged EXEC mode, enter the exit command or press Ctrl-Z. To enter subinterface configuration mode, specify a subinterface with the interface command. Subinterface configuration From interface configuration mode, specify a subinterface with an interface command. ROM monitor Router(config-subif)# Rommon> From privileged EXEC mode, enter the reload EXEC command. Press the Break key during the first 60 seconds while the system is booting. To exit to global configuration mode, enter the exit command. To enter privileged EXEC mode, enter the end command or press Ctrl-Z. To exit ROM-monitor mode, you must reload the image by entering the boot command. If you use the boot command without specifying a file or any other boot instructions, the system boots from the default flash image (the first image in onboard flash memory). Otherwise, you can instruct the system to boot from a specific flash image (using the boot system flash filename command). For more information on command modes, refer to the “Using the Command Line Interface” chapter of the Configuration Fundamentals Configuration Guide. Note You can issue EXEC-level Cisco IOS commands (such as show, clear, and debug commands) from within global configuration mode or other modes by issuing the do command followed by the EXEC command. See the do command for information on how to use this command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 1-6 OL-11437-01 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Using the No and Default Forms of Commands Using the No and Default Forms of Commands Almost every configuration command has a no form. In general, enter the no form to disable a function. Use the command without the keyword no to reenable a disabled function or to enable a function that is disabled by default. For example, IP routing is enabled by default. To disable IP routing, specify the no ip routing command and specify the ip routing command to reenable it. This publication provides the complete syntax for the configuration commands and describes what the no form of a command does. Configuration commands can have a default form. The default form of a command returns the command setting to its default. Most commands are disabled by default, so the default form is the same as the no form. However, some commands are enabled by default and have variables set to certain default values. In these cases, the default form of the command enables the command and sets variables to their default values. This publication describes what the default form of a command does if the command is not the same as the no form. Using the CLI String Search The pattern in the command output is referred to as a string. The CLI string search feature allows you to search or filter any show or more command output and allows you to search and filter at --More-prompts. This feature is useful when you need to sort though large amounts of output, or if you want to exclude output that you do not need to see. With the search function, you can begin unfiltered output at the first line that contains a regular expression that you specify. You can then specify a maximum of one filter per command or start a new search from the --More-- prompt. A regular expression is a pattern (a phrase, number, or more complex pattern) that software uses to match against show or more command output. Regular expressions are case sensitive and allow for complex matching requirements. Examples of simple regular expressions are Serial, misses, and 138. Examples of complex regular expressions are 00210..., ( is ), and [Oo]utput. You can perform three types of filtering: • Use the begin keyword to begin output with the line that contains a specified regular expression. • Use the include keyword to include output lines that contain a specified regular expression. • Use the exclude keyword to exclude output lines that contain a specified regular expression. You can then search this filtered output at the --More-- prompts. Note The CLI string search function does not allow you to search or filter backward through previous output; filtering cannot be specified using HTTP access to the CLI. Regular Expressions A regular expression can be a single character that matches the same single character in the command output or multiple characters that match the same multiple characters in the command output. This section describes how to create both single-character patterns and multiple-character patterns and how to create more complex regular expressions using multipliers, alternation, anchoring, and parentheses. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 1-7 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Using the CLI String Search Single-Character Patterns The simplest regular expression is a single character that matches the same single character in the command output. You can use any letter (A-Z, a-z) or digit (0-9) as a single-character pattern. You can also use other keyboard characters (such as ! or ~) as single-character patterns, but certain keyboard characters have special meaning when used in regular expressions. Table 1-4 lists the keyboard characters with special meaning. Table 1-4 Characters with Special Meaning Character Special Meaning . Matches any single character, including white space. * Matches 0 or more sequences of the pattern. + Matches 1 or more sequences of the pattern. ? Matches 0 or 1 occurrences of the pattern. ^ Matches the beginning of the string. $ Matches the end of the string. _ (underscore) Matches a comma (,), left brace ({), right brace (}), left parenthesis ( ( ), right parenthesis ( ) ), the beginning of the string, the end of the string, or a space. To enter these special characters as single-character patterns, remove the special meaning by preceding each character with a backslash (\). These examples are single-character patterns matching a dollar sign, an underscore, and a plus sign, respectively. \$ \_ \+ You can specify a range of single-character patterns to match against command output. For example, you can create a regular expression that matches a string containing one of the following letters: a, e, i, o, or u. One and only one of these characters must exist in the string for pattern matching to succeed. To specify a range of single-character patterns, enclose the single-character patterns in square brackets ([ ]). For example, [aeiou] matches any one of the five vowels of the lowercase alphabet, while [abcdABCD] matches any one of the first four letters of the lower- or uppercase alphabet. You can simplify ranges by entering only the end points of the range separated by a dash (-). Simplify the previous range as follows: [a-dA-D] To add a dash as a single-character pattern in your range, include another dash and precede it with a backslash: [a-dA-D\-] You can also include a right square bracket (]) as a single-character pattern in your range. To do so, enter the following: [a-dA-D\-\]] Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 1-8 OL-11437-01 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Using the CLI String Search The previous example matches any one of the first four letters of the lower- or uppercase alphabet, a dash, or a right square bracket. You can reverse the matching of the range by including a caret (^) at the start of the range. This example matches any letter except the ones listed: [^a-dqsv] This example matches anything except a right square bracket (]) or the letter d: [^\]d] Multiple-Character Patterns When creating regular expressions, you can also specify a pattern containing multiple characters. You create multiple-character regular expressions by joining letters, digits, or keyboard characters that do not have special meaning. For example, a4% is a multiple-character regular expression. Put a backslash in front of the keyboard characters that have special meaning when you want to remove their special meaning. With multiple-character patterns, order is important. The regular expression a4% matches the character a followed by a 4 followed by a % sign. If the string does not have a4%, in that order, pattern matching fails. This multiple-character regular expression a. uses the special meaning of the period character to match the letter a followed by any single character. With this example, the strings ab, a!, or a2 are all valid matches for the regular expression. You can remove the special meaning of the period character by putting a backslash in front of it. In the following expression a\. only the string a. matches this regular expression. You can create a multiple-character regular expression containing all letters, all digits, all keyboard characters, or a combination of letters, digits, and other keyboard characters. These examples are all valid regular expressions: telebit 3107 v32bis Multipliers You can create more complex regular expressions to match multiple occurrences of a specified regular expression by using some special characters with your single- and multiple-character patterns. Table 1-5 lists the special characters that specify “multiples” of a regular expression. Table 1-5 Special Characters Used as Multipliers Character Description * Matches 0 or more single- or multiple-character patterns. + Matches 1 or more single- or multiple-character patterns. ? Matches 0 or 1 occurrences of the single- or multiple-character patterns. This example matches any number of occurrences of the letter a, including none: a* Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 1-9 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Using the CLI String Search This pattern requires that at least one letter a in the string is matched: a+ This pattern matches the string bb or bab: ba?b This string matches any number of asterisks (*): \** To use multipliers with multiple-character patterns, you enclose the pattern in parentheses. In the following example, the pattern matches any number of the multiple-character string ab: (ab)* As a more complex example, this pattern matches one or more instances of alphanumeric pairs (but not none; that is, an empty string is not a match): ([A-Za-z][0-9])+ The order for matches using multipliers (*, +, or ?) is to put the longest construct first. Nested constructs are matched from outside to inside. Concatenated constructs are matched beginning at the left side of the construct. The regular expression matches A9b3, but not 9Ab3 because the letters are specified before the numbers. Alternation Alternation allows you to specify alternative patterns to match against a string. You separate the alternative patterns with a vertical bar (|). Exactly one of the alternatives can match the string. For example, the regular expression codex | telebit matches the string codex or the string telebit, but not both codex and telebit. Anchoring You can match a regular expression pattern against the beginning or the end of the string. That is, you can specify that the beginning or end of a string contains a specific pattern. You “anchor” these regular expressions to a portion of the string using the special characters shown in Table 1-6. Table 1-6 Special Characters Used for Anchoring Character Description ^ Matches the beginning of the string. $ Matches the end of the string. This regular expression matches a string only if the string starts with abcd: ^abcd In contrast, this expression is in a range that matches any single letter, as long as it is not the letters a, b, c, or d: [^abcd] With this example, the regular expression matches a string that ends with .12: Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 1-10 OL-11437-01 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Saving Configuration Changes $\.12 Contrast these anchoring characters with the special character underscore (_). The underscore matches the beginning of a string (^), the end of a string ($), parentheses ( ), space ( ), braces { }, comma (,), or underscore (_). With the underscore character, you can specify that a pattern exist anywhere in the string. For example, _1300_ matches any string that has 1300 somewhere in the string. The string’s 1300 can be preceded by or end with a space, brace, comma, or underscore. For example, {1300_ matches the regular expression, but 21300 and 13000 do not. Using the underscore character, you can replace long regular expression lists, such as the following: ^1300$ ^1300(space) (space)1300 {1300, ,1300, {1300} ,1300, (1300 with _1300_ Parentheses for Recall As shown in the “Multipliers” section on page 1-9, you use parentheses with multiple-character regular expressions to multiply the occurrence of a pattern. You can also use parentheses around a single- or multiple-character pattern to remember a pattern for use elsewhere in the regular expression. To create a regular expression that recalls a previous pattern, you use parentheses to indicate a remembered specific pattern and a backslash (\) followed by an integer to reuse the remembered pattern. The integer specifies the occurrence of the parentheses in the regular expression pattern. If you have more than one remembered pattern in your regular expression, then \1 indicates the first remembered pattern, \2 indicates the second remembered pattern, and so on. This regular expression uses parentheses for recall: a(.)bc(.)\1\2 This regular expression matches an a followed by any character (call it character 1), followed by bc, followed by any character (character 2), followed by character 1 again, and then followed by character 2 again. The regular expression can match aZbcTZT. The software remembers that character 1 is Z and character 2 is T and then uses Z and T again later in the regular expression. Saving Configuration Changes To save your configuration changes to your startup configuration so that they will not be lost if there is a system reload or power outage, enter the following command: Router# copy system:running-config nvram:startup-config Building configuration... It might take a minute or two to save the configuration. After the configuration has been saved, the following output appears: [OK] Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 1-11 Chapter 1 Command-Line Interface for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Saving Configuration Changes On most platforms, this step saves the configuration to NVRAM. On the Class A flash file system platforms, this step saves the configuration to the location that is specified by the CONFIG_FILE environment variable. The CONFIG_FILE environment variable defaults to NVRAM. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 1-12 OL-11437-01 C H A P T E R 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA This chapter contains an alphabetical listing of Cisco IOS commands that are unique to the Catalyst 6500 series switches that are configured with the Supervisor Engine 32 and the Programmable Intelligent Services Accelerator (PISA). For information about Cisco IOS commands that are not contained in this publication, refer to the current Cisco IOS documentation including: • Cisco IOS Release 12.2 Configuration Fundamentals Configuration Guide • Cisco IOS Release 12.2 Command Reference Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-1 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA action action To set the packet action clause, use the action command. To remove an action clause, use the no form of this command. action {{drop [log]} | {forward [capture]} | {redirect {interface interface-number}} | {port-channel channel-id} {interface interface-number} | {port-channel channel-id} ...} no action {{drop [log]} | {forward [capture]} | {redirect {interface interface-number}} | {port-channel channel-id} {interface interface-number} | {port-channel channel-id} ...} Syntax Description drop Drops the packets. log (Optional) Logs the dropped packets in the software. forward Forwards (switched by hardware) the packets to its destination. capture (Optional) Sets the capture bit for the forwarded packets so that ports with the capture function enabled also receive the packets. redirect interface Redirects packets to the specified interfaces; possible valid values are fastethernet, gigabitethernet, and tengigabitethernet. See the “Usage Guidelines” section for additional valid values. interface-number Module and port number; see the “Usage Guidelines” section for valid values. port-channel channel-id Specifies the port channel to redirect traffic; valid values are a maximum of 64 values ranging from 1 to 256. Defaults This command has no default settings. Command Modes VLAN access-map submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Each redirect action allows you to specify a list of up to five destination interfaces. There is also a limit of up to 255 different interface lists that can be used by redirect actions. The redirect action supports interface lists instead of single interfaces as shown in the following example: [...] {redirect channel-id}} {{ethernet | gigabitethernet | tengigabitethernet} slot/port} | {port-channel Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-2 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA action The action clause specifies the action to be taken when a match occurs. The forwarded packets are subject to any applied Cisco IOS ACLs. The capture keyword sets the capture bit in VACL-forwarded packets. Ports with the capture function enabled can receive VACL-forwarded packets that have the capture bit set. Only VACL-forwarded packets that have the capture bit set can be captured. When the log keyword is specified, dropped packets are logged in the software. Only dropped IP packets can be logged. The redirect keyword allows you to specify up to five interfaces, which can be physical interfaces or EtherChannels. An EtherChannel member is not allowed to be a redirect interface. VACLs on WAN interfaces support only the action forward capture command. The action clause in a VACL can be forward, drop, capture, or redirect. Traffic can also be logged. VACLs applied to WAN interfaces do not support the redirect or log actions. The redirect interface must be in the VLAN for which the VACL map is configured. In a VLAN access map, if at least one ACL is configured for a packet type (IP, IPX, or MAC), the default action for the packet type is drop (deny). If an ACL is not configured for a packet type, the default action for the packet type is forward (permit). If an ACL for a packet type is configured and the ACL is empty or undefined, the configured action will be applied to the packet type. Examples This example shows how to define a drop and log action: Router(config-access-map)# action drop log Router(config-access-map)# This example shows how to define a forward action: Router(config-access-map)# action forward Router(config-access-map)# Related Commands Command Description match Specifies the match clause by selecting one or more ACLs for a VLAN access-map sequence. show vlan access-map Displays the contents of a VLAN-access map. vlan access-map Creates a VLAN access map or enters the VLAN access-map command mode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-3 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA apply apply To implement the proposed new VLAN database, increment the database configuration number, save it in NVRAM, and propagate it throughout the administrative domain, use the apply command. apply Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes VLAN configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The apply command implements the configuration changes that you made after you entered VLAN database mode and uses them for the running configuration. This command keeps you in VLAN database mode. You cannot use this command when the Catalyst 6500 series switch is in the VTP client mode. You can verify that VLAN database changes have occurred by entering the show vlan command in privileged EXEC mode. Examples This example shows how to implement the proposed new VLAN database and recognize it as the current database: Router(config-if-vlan)# apply Router(config-if-vlan)# Related Commands Command Description abort Abandons the proposed new VLAN database. exit Implements the proposed new VLAN database. reset Leaves the proposed new VLAN database, remains in VLAN configuration mode, and resets the new database so that it is identical to the current VLAN database. show vlan Displays VLAN information. shutdown vlan Shuts down local traffic on a specified VLAN. vtp Configures the global VTP state. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-4 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA arp access-list arp access-list To configure an ARP ACL for ARP inspection and QoS filtering and enter the ARP ACL configuration submode, use the arp access-list command. To remove the ARP ACL, use the no form of this command. arp access-list name no arp access-list name Syntax Description name Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Name of the access list. Once you are in the ARP ACL configuration submode, you can add permit or deny clauses to permit or deny QoS to the flows. The following syntax is available in the ARP QoS ACL configuration submode for QoS filtering; all other configurations will be rejected at the time of the policy-map attachment to the interfaces: {permit | deny} {ip {any | {host sender-ip [sender-ip-mask]}}} {mac any} no {permit | deny} {ip {any | {host sender-ip [sender-ip-mask]}}} {mac any} permit Specifies to apply QoS to the flows. deny Skips the QoS action that is configured for traffic matching this ACE. ip Specifies the IP ARP packets. any Specifies any IP ARP packets. host sender-ip Specifies the IP address of the host sender. sender-ip-mask (Optional) Wildcard mask of the host sender. mac any Specifies MAC-layer ARP traffic. no Deletes an ACE from an ARP ACL. Once you are in the ARP ACL configuration submode, the following configuration commands are available for ARP inspection: • default—Sets a command to its defaults. You can use the deny and permit keywords and arguments to configure the default settings. • deny—Specifies the packets to reject. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-5 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA arp access-list • exit—Exits the ACL configuration mode. • no—Negates a command or sets its defaults. • permit— Specifies the packets to forward. You can enter the permit or deny keywords to configure the permit or deny clauses to forward or drop ARP packets based on some matching criteria. The syntax for the permit and deny keywords are as follows: {permit | deny} ip {any | {host {sender-ip | {sender-ip sender-ip-mask}}}} mac {any | {host {sender-mac | {sender-mac sender-mac-mask}}}} [log] {permit | deny} request ip {any | {host {sender-ip | {sender-ip sender-ip-mask}}}} mac {any | {host {sender-mac | {sender-mac sender-mac-mask}}}} [log] {permit | deny} response ip {any | {host {sender-ip | {sender-ip sender-ip-mask}}}} [{any | {host {target-ip | {target-ip target-ip-mask}}}}] mac {any | {host {sender-mac | {sender-mac sender-mac-mask}}}} [any | {host {target-mac | {target-mac target-mac-mask}}]} [log] permit Specifies packets to forward. deny Specifies packets to reject. ip Specifies the sender IP address. any Specifies any sender IP address. host Specifies a single sender host. sender-ip IP address of the host sender. sender-ip-mask Wildcard mask of the host sender. mac any Specifies any MAC address. mac host Specifies a single sender host MAC address. sender-mac MAC address of the host sender. sender-mac-mask Wildcard mask of the host sender. log (Optional) Specifies log on match. request Specifies ARP requests. response Specifies ARP responses. any (Optional) Specifies any target address. host (Optional) Specifies a single target host. target-mac MAC address of the target host. target-mac-mask Subnet mask of the target host. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-6 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA arp access-list If you enter the ip keyword without the request or response keywords, the configuration applies to both requests and responses. Once you define an ARP ACL, you can apply it to VLANs using the ip arp inspection filter command for ARP inspection. Incoming ARP packets are compared against the ARP access list, and packets are permitted only if the access list permits them. If access lists deny packets because of explicit denies, they are dropped. If packets get denied because of the implicit deny, they are matched against the list of DHCP bindings, unless the access list is static or the packets are not compared against the bindings. When an ARP access list is applied to a VLAN for dynamic ARP inspection, the ARP packets containing only IP-to-Ethernet MAC bindings are compared against the ACLs. All other packet types are bridged in the incoming VLAN without any validation. ACL entries are scanned in the order that you enter them. The first matching entry is used. To improve performance, place the most commonly used entries near the beginning of the ACL. An implicit deny any ip mac any entry exists at the end of an ACL unless you include an explicit permit ip any mac any entry at the end of the list. All new entries to an existing list are placed at the end of the list. You cannot add entries to the middle of a list. Examples This example shows how to create a new ARP ACL or enter the submode of an existing ARP ACL: Router(config)# arp access-list arpacl22 Router(config-arp-nacl)# This example shows how to create an ARP ACL named arp_filtering that denies QoS but permits MAC-layer ARP traffic: Router(config)# arp access-list arp_filtering Router(config-arp-nacl)# permit ip host 1.1.1.1 mac any Router(config-arp-nacl)# deny any ip mac any Router(config-arp-nacl)# Related Commands Command Description show arp Displays information about the ARP table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-7 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA attach attach To connect to a specific module from a remote location, use the attach command. attach num Syntax Description num Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Module number; see the “Usage Guidelines” section for valid values. Usage Guidelines Caution When you enter the attach or remote login command to access another console from your switch, if you enter global or interface configuration mode commands, the switch might reset. The valid values for num depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 1 to 13. This command is supported on the supervisor engine only. When you execute the attach num command, the prompt changes to Switch-sp#. The attach command is identical to the remote login module num command. There are two ways to end this session: • You can enter the exit command as follows: Switch-sp# exit [Connection to Switch closed by foreign host] Router# • You can press Ctrl-C three times as follows: Switch-sp# ^C Switch-sp# ^C Switch-sp# ^C Terminate remote login session? [confirm] y [Connection to Switch closed by local host] Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-8 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA attach Examples This example shows how to log in remotely to the supervisor engine: Router# attach 5 Trying Switch ... Entering CONSOLE for Switch Type "^C^C^C" to end this session Terminate remote login session? [confirm] yes [Connection to Switch closed by local host] Switch-sp# Related Commands Command Description remote login Accesses the Catalyst 6500 series switch console or a specific module. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-9 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA auto-sync auto-sync To enable automatic synchronization of the configuration files in NVRAM, use the auto-sync command. To disable automatic synchronization, use the no form of this command. auto-sync {startup-config | config-register | bootvar | running-config | standard} no auto-sync {startup-config | config-register | bootvar | standard} Syntax Description startup-config Specifies the automatic synchronization of the startup configuration. config-register Specifies the automatic synchronization of the configuration register configuration. bootvar Specifies the automatic synchronization of the BOOTVAR configuration. running-config Specifies the automatic synchronization of the running configuration. standard Specifies the automatic synchronization of the startup-config, BOOTVAR, and configuration registers. Defaults Automatic synchronization of the running configuration. Command Modes Main-cpu redundancy Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you enter the no auto-sync standard command, no automatic synchronizations occur. If you want to enable any of the keywords, you have to enter the appropriate command for each keyword. Examples This example shows how (from the default configuration) to enable automatic synchronization of the configuration register in the main CPU: Router# configure terminal Router (config)# redundancy Router (config-r)# main-cpu Router (config-r-mc)# no auto-sync standard Router (config-r-mc)# auto-sync config-register Router (config-r-mc)# Related Commands Command Description redundancy Enters redundancy configuration mode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-10 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA bgp regexp deterministic bgp regexp deterministic To configure Cisco IOS software to use the deterministic processing time regular expression engine, use the bgp regexp deterministic command. To configure Cisco IOS software to use the default regular expression engine, use the no form of this command. bgp regexp deterministic no bgp regexp deterministic Syntax Description This command has no keywords or arguments. Defaults The default regular expression engine is enabled. Command Modes Router configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The default Cisco IOS regular expression engine uses a recursive algorithm. This engine is effective but uses more system resources as the complexity of regular expressions increases. The recursive algorithm works well for simple regular expressions, but is less efficient when processing very complex regular expressions because of the backtracking that is required by the default engine to process partial matches. In some cases, CPU watchdog timeouts and stack overflow traces have occurred because of the length of time that the default engine requires to process very complex regular expressions. The deterministic processing time regular expression engine does not replace the default regular expression engine. The new engine employs an improved algorithm that eliminates excessive backtracking and greatly improves performance when processing complex regular expressions. When the new engine is enabled, complex regular expressions are evaluated more quickly, and CPU watchdog timeouts and stack overflow traces will not occur. However, the new regular expression engine takes longer to process simple regular expressions than the default engine. We recommend that you use the new regular expression engine if you need to evaluate complex regular expressions or if you have observed problems related to evaluating regular expressions. We recommend that you use the default regular expression engine if you use only simple regular expressions. The new engine can be enabled by entering the bgp regexp deterministic command under a BGP routing process. The default regular expression engine can be reenabled by entering the no form of this command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-11 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA bgp regexp deterministic Examples This example shows how to configure Cisco IOS software to use the deterministic processing time regular expression engine: Router(config)# router bgp 1 Router(config-router)# bgp regexp deterministic Router(config-router)# This example shows how to configure Cisco IOS software to use the default regular expression engine: Router(config)# router bgp 1 Router(config-router)# no bgp regexp deterministic Router(config-router)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-12 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA boot config boot config To specify the device and filename of the configuration file from which the system configures itself during initialization (startup), use the boot config command. To remove the specification, use the no form of this command. boot config {device:file-name} no boot config Syntax Description device: Device identification; see the “Usage Guidelines” section for a list of the valid values. file-name Configuration filename. Defaults The configuration file is located in NVRAM. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The valid values for device: are as follows: • disk0: – One external CompactFlash Type II slot – Supports CompactFlash Type II flash PC cards • sup-bootdisk: – Supervisor Engine 32 256-MB internal CompactFlash flash memory – From the Supervisor Engine 32 ROMMON, it is bootdisk: • bootdisk: – PISA 256-MB internal CompactFlash flash memory – Not accessible from the Supervisor Engine 32 ROMMON When you use the boot config command, you affect only the running configuration. You must save the environment variable setting to your startup configuration to place the information under ROM monitor control and to have the environment variable function as expected. Use the copy system:running-config nvram:startup-config command to save the environment variable from your running configuration to your startup configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-13 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA boot config The software displays an error message and does not update the CONFIG_FILE environment variable in the following situations: • You specify nvram: as the file system, and it contains only a distilled version of the configuration. (A distilled configuration does not contain access lists.) • You specify a configuration file in the filename argument that does not exist or is not valid. During initialization, the NVRAM configuration is used when the CONFIG_FILE environment variable does not exist or when it is null (such as at a first-time startup). If the software detects a problem with NVRAM or the configuration it contains, the device enters setup mode. When you use the no form of this command, the NVRAM configuration is used as the startup configuration. You can view the contents of the BOOT, BOOTLDR, and the CONFIG_FILE environment variables using the show bootvar command. This command displays the settings for these variables as they exist in the startup configuration as well as in the running configuration if a running configuration setting differs from a startup configuration setting. Examples This example shows how to set the configuration file that is located in the internal flash memory to configure itself during initialization. The third line copies the specification to the startup configuration, ensuring that this specification takes effect upon the next reload. Router (config)# boot config disk0:router-config Router (config)# end Router# copy system:running-config nvram:startup-config Router# Related Commands Command Description copy Saves the environment variable from the running configuration to the system:running-config startup configuration. nvram:startup-config show bootvar Displays information about the BOOT environment variable. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-14 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA boot system boot system To specify the system image that loads at startup, use the boot system command. To remove the startup system image specification, use the no form of this command. boot system filename boot system flash [flash-fs:][partition-number:][filename] no boot system [filename] no boot system flash [flash-fs:][partition-number:][filename] Syntax Description filename Specifies the configuration filename of the system image to load at system startup. flash Boots from internal flash memory. flash-fs: (Optional) flash file system containing the system image to load at startup; valid values are flash:, bootflash, slot0, and slot1. partition-number: (Optional) Number of the flash memory partition that contains the system image to boot, specified by the optional filename argument. filename (Optional when used with the boot system flash command) Case-senstive name of the system image to load at startup. Defaults If you configure the switch to boot from a network server but do not specify a system image file with the boot system command, the switch uses the configuration register settings to determine the default system image filename. The switch forms the default boot filename by starting with the word cisco and then appending the octal equivalent of the boot field number in the configuration register, followed by a hyphen (-) and the processor type name (cisconn-cpu). Refer to the appropriate hardware installation guide for details on the configuration register and default filename. See also the config-register or confreg command. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command will not work unless you set the config-register command properly. TFTP boot is not supported on the Catalyst 6500 series switches. If you do not enter the ip-address argument, this value defaults to the IP broadcast address of 255.255.255.255. The colon is required when entering the flash-fs: argument. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-15 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA boot system If you omit all arguments that follow the flash keyword, the system searches the internal flash memory for the first bootable image. When using the partition-number: argument, if you do not specify a filename, the route processor loads the first valid file in the specified partition of flash memory. This argument is valid only on route processors that can be partitioned. The filename argument is case sensitive. If you do not specify a filename, the switch loads the first valid file in the following: • The specified flash file system • The specified partition of flash memory • The default flash file system if you also omitted the flash-fs: argument Enter several boot system commands to provide a fail-safe method for booting your route processor. The route processor stores and executes the boot system commands in the order in which you enter them in the configuration file. If you enter multiple boot commands of the same type (for example, if you enter two commands that instruct the route processor to boot from different network servers), the route processor tries them in the order in which they appear in the configuration file. If a boot system command entry in the list specifies an invalid device, the route processor omits that entry. Use the boot system rom command to specify use of the ROM system image as a backup to other boot commands in the configuration. For some platforms, you must load the boot image before you load the system image. However, on many platforms, the boot image that you specify loads only if the route processor is booting from a network server or if you do not specify the flash file system. If you specify the file system, the route processor boots faster because it does not need to load the boot image first. For detailed information, refer to the Cisco IOS Release 12.2 Command Reference. Note When you use the boot system command, you affect only the running configuration. You must save the BOOT variable settings to your startup configuration to place the information under ROM monitor control and to have the variable function as expected. Use the copy system:running-config nvram:startup-config EXEC command to save the variable from your running configuration to your startup configuration. To view the contents of the BOOT variable, use the show bootenv EXEC command. Examples This example shows a system filename with the ROM software as a backup: Router(config)# boot system flash config1 Router(config)# boot system rom This example shows how to boot the system image filenamed igs-bpx-l from partition 2 of the flash device: Router(config)# boot system flash:2:igs-bpx-l Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-16 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA boot system Related Commands Command Description config-register Changes the configuration register settings. copy /noverify Disables the automatic image verification for the current copy operation. ip rcmd remote username Configures the remote username to be used when requesting a remote copy using rcp. show bootvar Displays information about the BOOT environment variable. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-17 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA bridge-domain bridge-domain To enable BPDU translation, use the bridge-domain command. bridge-domain {vlan | {PE-vlan dot1qtunnel}} [ignore-bpdu-pid] {pvst-tlv CE-vlan} Syntax Description vlan VLAN number on a back-to back topology. PE-vlan dot1qtunnel Specifies the provider-edge VLAN number on a Layer 2 topology. ignore-bpdu-pid (Optional) Sends out IEEE BPDUs using a PID of 0x00-07, which is normally reserved for RFC 1483 data. pvst-tlv When transmitting, translates PVST+ BPDUs into IEEE BPDUs. When receiving, translates IEEE BPDUs into PVST+ BPDUs. CE-vlan Customer-edge VLAN in the SSTP TLV to be inserted in an IEEE BPDU to a PVST+ BPDU conversion. Defaults Disabled Command Modes VC or DLCI configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The CE-vlan argument does not have to be the same as the PE-vlan argument. When connecting to a device that is completely RFC-1483 compliant, in which the IEEE BPDUs are sent using a PID of 0x000E, you must use the ignore-bpdu-pid keywords in the bridge-domain command. If you do not enter the ignore-bpdu-pid keyword, the PVC between the devices operates in an RFC-1483 compliant topology, which is referred to as strict mode. Entering the ignore-bpdu-pid keyword enters the loose mode. Both modes are described as follows: • Without the ignore-bpdu-pid keywords, in strict mode, IEEE BPDUs are sent out using a PID of 0x00-0E, which complies with RFC 1483. • With the ignore-bpdu-pid keywords, in loose mode, IEEE BPDUs are sent out using a PID of 0x00-07, which is normally reserved for RFC-1483 data. Cisco-proprietary PVST+ BPDUs are always sent out on data frames using a PID of 0x00-07, regardless of whether you enter the ignore-bpdu-pid keywords. Use the ignore-bpdu-pid keywords when connecting to devices (such as ATM DSL modems) that send PVST (or 802.1D) BPDUs with PID: 00-07. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-18 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA bridge-domain The pvst-tlv keyword enables BPDU translation when interoperating with devices that understand only PVST or IEEE Spanning Tree Protocol. Because the Catalyst 6500 series switch ATM modules support PVST+ only, you must use the pvst-tlv keyword when connecting to a Catalyst 5000 family switch, which only understands PVST on its ATM modules, or when connecting with other Cisco IOS route processors, which understand IEEE format only. When transmitting, the pvst-tlv keyword translates PVST+ BPDUs into IEEE BPDUs. When receiving, the pvst-tlv keyword translates IEEE BPDUs into PVST+ BPDUs. Examples This example shows how to enable BPDU translation when a Catalyst 6500 series switch is connected to a a device that only understand IEEE BPDUs in an RFC-1483 compliant topology: Router(config-if-atm-vc)# bridge-domain 100 pvst-tlv 150 Router(config-if-atm-vc)# The ignore-bpdu-pid keyword is not used because the device operates in an RFC-1483 compliant topology for IEEE BPDUs. This example shows how to enable BPDU translation when a Catalyst 5500 ATM module is a device that only understands PVST BPDUs in a non-RFC1483 compliant topology. When a Catalyst 6500 series switch is connected to a Catalyst 5500 ATM module, you must enter both keywords: Router(config-if-atm-vc)# bridge-domain 100 ignore-bpdu-pid pvst-tlv 150 Router(config-if-atm-vc)# To enable BPDU translation for the Layer 2 Protocol Tunneling (L2PT) topologies, use the following command line: Router(config-if-atm-vc)# bridge-domain 100 dot1qtunnel ignore-bpdu-pid pvst-tlv 150 Router(config-if-atm-vc)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-19 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA cd cd To change the default directory or file system, use the cd command. cd [filesystem:][directory] Syntax Description filesystem: (Optional) URL or alias of the directory or file system that is followed by a colon; see the “Usage Guidelines” section for a list of the valid values. directory (Optional) Name of the directory. Defaults Initial default file system is disk0: Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The valid values for filesystem: are bootflash:, disk0: and disk1:. For all EXEC commands that have an optional filesystem argument, the system uses the file system that is specified by the cd command when you omit the optional filesystem argument. For example, the dir command, which displays a list of files on a file system, contains an optional filesystem argument. When you omit this argument, the system lists the files on the file system that is specified by the cd command. If you do not specify a directory on a file system, the default is the root directory on that file system. Examples This example sets the default file system to the flash PC card that is inserted in disk 0: Router# cd disk0: Router# pwd disk0:/ Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-20 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA cd Related Commands Command Description dir Displays a list of files on a file system. mkdir disk0: Creates a new directory in a flash file system. pwd Displays the current setting of the cd command. show file system Displays the available file systems. undelete Recovers a file that is marked “deleted” on a flash file system. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-21 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA channel-group channel-group To assign and configure an EtherChannel interface to an EtherChannel group, use the channel-group command. To remove the channel-group configuration from the interface, use the no form of this command. channel-group number mode {active | on | {auto [non-silent]} | {desirable [non-silent]} | passive} no channel-group number Syntax Description number Channel-group number; valid values are a maximum of 64 values ranging from 1 to 256. mode Specifies the EtherChannel mode of the interface. active Enables LACP unconditionally. on Enables EtherChannel only. auto Places a port into a passive negotiating state in which the port responds to PAgP packets that it receives but does not initiate PAgP packet negotiation. non-silent (Optional) Used with the auto or desirable mode when traffic is expected from the other device. desirable Places a port into an active negotiating state in which the port initiates negotiations with other ports by sending PAgP packets. passive Enables LACP only if an LACP device is detected. Defaults No channel groups are assigned. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note You cannot make any changes to the configuration of the Supervisor Engine 32 PISA EtherChannel. Note After the port becomes a member of the Supervisor Engine 32 PISA EtherChannel, only the no channel-group 256 mode on command has any effect on the port until the port is no longer a member of the PISA EtherChannel. While the port is a member of the PISA EtherChannel, all port configuration commands except the no channel-group 256 mode on command are ignored. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-22 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA channel-group By default, the Supervisor Engine 32 PISA EtherChannel (port channel interface 256, which is automatically configured with the pisa-channel command) is a 1-Gps EtherChannel. Note The pisa-channel command is visible in the configuration file, but it is not user configurable. The channel-group number is global and is shared between all the channeling protocols. If a specific channel number is used for the PAgP-enabled interfaces of a channel group, that same channel number cannot be used for configuring a channel that has LACP-enabled interfaces or vice versa. Entering the auto or desirable keyword enables PAgP on the specified interface; the command will be rejected if it is issued on an LACP-enabled interface. The active and passive keywords are valid on PAgP-disabled interfaces only. You can change the mode for an interface only if it is the only interface that is designated to the specified channel group. The on keyword forces the bundling of the interface on the channel without any negotiation. You can manually configure a switch with PAgP on one side and LACP on the other side in the on mode. With the on mode, a usable EtherChannel exists only when a port group in on mode is connected to another port group in on mode. If you enter the channel group command on an interface that is added to a channel with a different protocol than the protocol you are entering, the command is rejected. If the interface belongs to a channel, the no form of this command is rejected. All ports in the same channel group must use the same protocol; you cannot run two protocols on one channel group. PAgP and LACP are not compatible; both ends of a channel must use the same protocol. You can change the protocol at any time, but this change causes all existing EtherChannels to reset to the default channel mode for the new protocol. Configure all ports in an EtherChannel to operate at the same speed and duplex mode (full duplex only for LACP mode). You do not have to create a port-channel interface before assigning a physical interface to a channel group. A port-channel interface is created automatically when the channel group gets its first physical interface, if it is not already created. You do not have to disable the IP address that is assigned to a physical interface that is part of a channel group, but it is highly recommended. You can create both Layer 2 and Layer 3 port channels by entering the interface port-channel command or when the channel group gets its first physical interface assignment. The port channels are not created at runtime or dynamically. Any configuration or attribute changes that you make to the port-channel interface are propagated to all interfaces within the same channel group as the port channel (for example, configuration changes are also propagated to the physical interfaces that are not part of the port channel but are part of the channel group). When configuring Layer 2 EtherChannels, you cannot put Layer 2 LAN ports into manually created port-channel logical interfaces. You cannot use the channel-group command on GE-WAN interfaces if MPLS is configured. You must remove all IP, MPLS, and other Layer 3 configuration commands before using the channel-group command with GE-WAN interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-23 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA channel-group Note You can enter the channel-group command again to delete the interface from the old group and move it to the new group. For GE-WAN ports, however, you must manually remove the interface from the group by entering the no channel-group command before assigning it to a new group. Caution Do not enable Layer 3 addresses on the physical EtherChannel interfaces. Assigning bridge groups on the physical EtherChannel interfaces causes loops in your network. For a complete list of guidelines, refer to the “Configuring EtherChannel” section of the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Examples This example shows how to add EtherChannel interface 1/0 to the EtherChannel group that is specified by port-channel 1: Router(config-if)# channel-group 1 mode on Router(config-if)# Related Commands Command Description interface port-channel Creates a port-channel virtual interface and enters interface configuration mode. show etherchannel Displays the EtherChannel information for a channel. show interfaces port-channel Displays the traffic that is seen by a specific port channel. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-24 OL-11437-01 22 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA channel-protocol channel-protocol To set the protocol that is used on an interface to manage channeling, use the channel-protocol command. To deselect the protocol, use the no form of this command. channel-protocol {lacp | pagp} no channel-protocol Syntax Description lacp Specifies LACP to manage channeling. pagp Specifies PAgP to manage channeling. Defaults pagp Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You can also select the protocol using the channel-group command. If the interface belongs to a channel, the no form of this command is rejected. All ports in an EtherChannel must use the same protocol. PAgP and LACP are not compatible; both ends of a channel must use the same protocol. The channel-protocol command is performed on a channel-group basis and affects ports in the channel group that is being reconfigured only. You can use the channel-protocol command to restrict anyone from selecting a mode that is not applicable to the selected protocol. Configure all ports in an EtherChannel to operate at the same speed and duplex mode (full duplex only for LACP mode). For a complete list of guidelines, refer to the “Configuring EtherChannel” section of the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Examples This example shows how to select LACP to manage channeling on the interface: Router(config-if)# channel-protocol lacp Router(config-if)# Related Commands Command Description channel-group Assigns and configures an EtherChannel interface to an EtherChannel group. show etherchannel Displays the EtherChannel information for a channel. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-25 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA class-map class-map To access the QoS class map configuration mode to configure QoS class maps, use the class-map command. To delete a class map, use the no form of this command. class-map name [match-all | match-any] no class-map name [match-all | match-any] Syntax Description name Class map name. match-all (Optional) Matches all match criteria in the class map. match-any (Optional) Matches one or more match criteria. Defaults When you do not specify the match-all or match-any keyword, the default is match-all. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You apply the class-map command and its subcommands on a per-interface basis to define packet classification, marking, aggregate, and flow policing as part of a globally named service policy. You can attach a service policy to an EtherChannel. Do not attach a service policy to a port that is a member of an EtherChannel. After you are in QoS class map configuration mode, these configuration commands are available: • exit—Used to exit from QoS class map configuration mode. • no—Used to remove a match statement from a class map. • match—Used to configure classification criteria. These optional match subcommands are available: – access-group {acl-index | acl-name} – ip {dscp | precedence} value1 value2 ... value8 These subcommands appear in the CLI help but are not supported on LAN interfaces or WAN interfaces on the OSMs: • input-interface {{interface interface-number} | {null number} | {vlan vlan-id}} • protocol linktype • destination-address mac mac-address • source-address mac mac-address Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-26 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA class-map PFC QoS does not support these subcommands: • input-interface {{interface interface-number} | {null number} | {vlan vlan-id}} • protocol linktype • destination-address mac mac-address • source-address mac mac-address • qos-group group-value If you enter these subcommands, PFC QoS does not detect the unsupported keywords until you attach a policy map to an interface. When you try to attach the policy map to an interface, you get an error message. For additional information, refer to the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY and the Cisco IOS Release 12.2 Command Reference publications. After you have configured the class-map name and are in class-map configuration mode, you can enter the match subcommands. The syntax for these subcommands is as follows: match {[{access-group acl-index} | acl-name] | [{ip dscp} | {precedence value}]} See Table 2-1 for a syntax description of the match subcommands. Table 2-1 match Syntax Description Optional Subcommand Description access-group acl-index | acl-name Specifies the access list index or access list names; valid access list index values are from 1 to 2699. access-group acl-name Specifies the named access list. ip dscp value1 value2 ... value8 Specifies the IP DSCP values to match; valid values are from 0 to 63. You can enter up to 8 DSCP values, and separate each value with one white space. ip precedence value1 value2 ... value8 Specifies the IP precedence values to match; valid values are from 0 to 7. You can enter up to 8 precedence values, and separate each value with one white space. Examples This example shows how to access the class-map commands and subcommands, configure a class map named ipp5, and enter a match statement for ip precedence 5: Router(config)# class-map ipp5 Router(config-cmap)# match ip precedence 5 Router(config-cmap)# This example shows how to configure the class map to match an already configured access list: Router(config-cmap)# match access-group IPacl1 Router(config-cmap)# Related Commands Command Description policy-map Accesses QoS policy-map configuration mode to configure the QoS policy map. show class-map Displays class-map information. show policy-map interface Displays the statistics and the configurations of the input and output policies that are attached to an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-27 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA class-map type multicast-flows class-map type multicast-flows To create multicast class maps and enter the multicast class map configuration mode, use the class-map type multicast-flows command. To delete a class map, use the no form of this command. class-map type multicast-flows name no class-map type multicast-flows name Syntax Description name Defaults No class is specified. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Class-map name. After you are in the multicast class-map configuration mode, these configuration commands are available: • exit—Used to exit from multicast class-map configuration mode. • group—Used to configure a multicast group range. The syntax for these subcommands is as follows: group group-addr [source addr | to addr] See Table 2-2 for a syntax description of the group subcommands. Table 2-2 group Syntax Description Subcommand Description group-addr Multicast group address. source addr (Optional) Specifies the channel-source address. to addr (Optional) Specifies the multicast group range end address. • no—Used to negate a command or set its defaults. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-28 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA class-map type multicast-flows Examples This example shows how to create a multicast class map: Router(config)# class-map type multicast-flows static2 Router(config-mcast-flows-cmap)# This example shows how to configure a multicast group range: Router(config-mcast-flows-cmap)# group 192.0.2.0 source 192.0.2.10 Router(config-mcast-flows-cmap)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-29 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA class (policy-map) class (policy-map) To specify the name of the class that has a policy that you want to create or change or to specify the default class (commonly known as the class-default class) before you configure its policy, use the class command in QoS policy-map configuration mode. To remove a class from the policy map, use the no form of this command. class {class-name | class-default} no class {class-name | class-default} Syntax Description class-name Name of the class to configure or modify the policy. class-default Specifies the default class. Defaults No class is specified. Command Modes QoS policy-map configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You can use the class (policy-map) command to specify the class name of the policy that you want to create or change. You must first identify the policy map. To identify the policy map (and enter the required QoS policy-map configuration mode), use the policy-map command before you use the class (policy-map) command. After you specify a policy map, you can configure the policy for new classes or modify the policy for any existing classes in that policy map. To define the class characteristics, use the following guidelines: • The class name that you specify in the policy map ties the characteristics for that class—that is, its policy—to the class map and its match criteria, as configured using the class-map command. • When you configure a policy for a class, specify its bandwidth, and attach the policy map to an interface, CBWFQ determines if the bandwidth requirement of the class can be satisfied. If so, CBWFQ allocates a queue for the bandwidth requirement. • When a class is removed, available bandwidth for the interface is incremented by the amount that was previously allocated to the class. • The maximum number of classes that you can configure within a policy map is 64. The class-default keywords are used to specify the predefined default class called class-default. The predefined default class called class-default is the class to which traffic is directed if that traffic does not match any of the match criteria in the configured class maps. You can define a class policy to use either tail drop by using the queue-limit command or WRED by using the random-detect command. When using either tail drop or WRED, follow these guidelines: Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-30 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA class (policy-map) Examples • The queue-limit and random-detect commands cannot be used in the same class policy, but they can be used in two class policies in the same policy map. • You can use the bandwidth command when either the queue-limit or the random-detect command is configured in a class policy. The bandwidth command specifies the amount of bandwidth allocated for the class. • For the predefined default class, you can use the fair-queue (class-default) command. The fair-queue command specifies the number of dynamic queues for the default class. The fair-queue command can be used in the same class policy as either the queue-limit or random-detect command; it cannot be used with the bandwidth command. This example shows how to configure three class policies included in the policy map called policy1. Class1 specifies the policy for the traffic that matches access control list 136. Class2 specifies the policy for the traffic on interface ethernet101. The third class is the default class to which packets that do not satisfy configured match criteria are directed. Router(config)# policy-map policy1 Router(config-pmap)# class-map class1 Router(config-pmap-c)# match access-group 136 Router(config-pmap)# class-map class2 Router(config-pmap-c)# match input-interface ethernet101 These examples show how to create the policy map that contains the policy specifications for class1, class2, and the default class: Router(config)# policy-map policy1 Router(config-pmap)# class-map class1 Router(config-pmap-c)# bandwidth 2000 Router(config-pmap-c)# queue-limit 40 Router(config-pmap)# class class2 Router(config-pmap-c)# bandwidth 3000 Router(config-pmap-c)# random-detect Router(config-pmap-c)# random-detect exponential-weighting-constant 10 Router(config-pmap)# class class-default Router(config-pmap-c)# fair-queue 16 Router(config-pmap-c)# queue-limit 20 Note When the policy map containing these classes is attached to the interface to stipulate the service policy for that interface, available bandwidth is assessed, including all class policies and the Resource Reservation Protocol (RSVP), if configured. This example shows how to configure the policy for the class-default default class included in the policy map called policy8. The class-default default class has 20 hashed queues for the traffic that does not meet the match criteria of the other classes that have policies that are defined by the policy map called policy8 and a weight factor of 14 that is used to calculate the average queue size. For congestion avoidance, WRED packet drop is used, not tail drop. Router(config)# policy-map policy8 Router(config-pmap)# class class-default Router(config-pmap-c)# fair-queue 20 Router(config-pmap-c)# random-detect exponential-weighting-constant 14 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-31 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA class (policy-map) Related Commands Command Description class-map Accesses the QoS class map configuration mode to configure QoS class maps. fair-queue Specifies the number of dynamic queues to be reserved for use by the class-default class as part of the default class policy. policy-map Accesses the QoS policy-map configuration mode to configure the QoS policy map. queue-limit Specifies or modifies the maximum number of packets that the queue can hold for a class policy configured in a policy map. random-detect (interface) Enables WRED or DWRED. random-detect exponential- Configures the WRED and DWRED exponential weight factor for the weighting-constant average queue size calculation for the queue. random-detect precedence Configures the WRED and DWRED parameters for a particular IP precedence. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-32 OL-11437-01 22 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear cable-diagnostics tdr clear cable-diagnostics tdr To clear a specific interface or clear all interfaces that support time domain reflectometery (TDR), use the clear cable-diagnostics tdr command. clear cable-diagnostics tdr [interface interface interface-number] Syntax Description interface interface (Optional) Specifies the interface type; possible valid values are fastethernet, gigabitethernet, and tengigabitethernet. interface-number Module and port number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines See the Release Notes for Cisco IOS Release 12.2 SX on the Catalyst 6500 for the list of modules that support TDR. Examples This example shows how to clear a specific interface: Router# clear cable-diagnostics tdr interface gigabitethernet 4/1 Router# Related Commands Command Description show cable-diagnostics tdr Displays the test results for the TDR cable diagnostics. test cable-diagnostics Tests the condition of 10-Gigabit Ethernet links or copper cables on 48-port 10/100/1000 BASE-T modules. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-33 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear catalyst6000 traffic-meter clear catalyst6000 traffic-meter To clear the traffic meter counters, use the clear catalyst6000 traffic-meter command. clear catalyst6000 traffic-meter Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the traffic meter counters: Router# clear catalyst6000 traffic-meter Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-34 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear counters clear counters To clear the interface counters, use the clear counters command. clear counters [{interface interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id}] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, and tengigabitethernet. See the “Usage Guidelines” section for additional valid values. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. null interface-number (Optional) Specifies the null interface; the valid value is 0. port-channel number (Optional) Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 256. vlan vlan-id (Optional) Specifies the VLAN ID; valid values are from 1 to 4094. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note This command clears all the current interface counters from the interface unless you specify the interface. This command does not clear counters that are retrieved using SNMP but only those counters that appear when you enter the show queueing interface command. The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-35 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear counters Examples This example shows how to clear all interface counters: Router# clear counters Clear "show interface" counters on all interfaces [confirm]y Router# This example shows how to clear counters on a specific interface: Router# clear counters vlan 200 Clear "show interface" counters on this interface [confirm]y Router# Related Commands Command Description show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-36 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear fm netflow counters clear fm netflow counters To clear the NetFlow counters, use the clear fm netflow counters command. clear fm netflow counters Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the NetFlow counters: Router# clear fm netflow counters Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-37 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear interface gigabitethernet clear interface gigabitethernet To clear the hardware logic on a Gigabit Ethernet IEEE 802.3z interface, use the clear interface gigabitethernet command. clear interface gigabitethernet number Syntax Description number Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Gigabit Ethernet interface number; see the “Usage Guidelines” section for valid values. Usage Guidelines The number argument designates the module and port number. Valid values for number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to clear the hardware logic on a Gigabit Ethernet IEEE 802.3z interface: Router# clear interface gigabitethernet 5 Router# Related Commands Command Description show interfaces status Displays the interface status or a list of interfaces in an error-disabled state on LAN ports only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-38 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear interface vlan clear interface vlan To clear the hardware logic on a VLAN, use the clear interface vlan command. clear interface vlan vlan-id Syntax Description vlan-id Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples VLAN ID; valid values are from 1 to 4094. This example shows how to clear the hardware logic on a specific VLAN: Router# clear interface vlan 5 Router# Related Commands Command Description show interfaces status Displays the interface status or a list of interfaces in an error-disabled state on LAN ports only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-39 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip access-template clear ip access-template To clear statistical information on the access list, use the clear ip access-template command. clear ip access-template access-list Syntax Description access-list Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples Access list number; valid values are from 100 to 199 for an IP extended-access list and from 2000 to 2699 for an expanded-range IP extended-access list. This example shows how to clear statistical information on the access list: Router# clear ip access-template 201 Router# Related Commands Command Description show mls netflow Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-40 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip arp inspection log clear ip arp inspection log To clear the status of the log buffer, use the clear ip arp inspection log command. clear ip arp inspection log Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the contents of the log buffer: Router# clear ip arp inspection log Router# Related Commands Command Description arp access-list Configures an ARP ACL for ARP inspection and QoS filtering and enters the ARP ACL configuration submode. show ip arp inspection log Displays the status of the log buffer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-41 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip arp inspection statistics clear ip arp inspection statistics To clear the dynamic ARP inspection statistics, use the clear ip arp inspection statistics command. clear ip arp inspection statistics [vlan vlan-range] Syntax Description vlan vlan-range Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples (Optional) Specifies the VLAN range. This example shows how to clear the DAI statistics from VLAN 1: Router# clear ip arp inspection statistics vlan 1 Router# Related Commands Command Description arp access-list Configures an ARP ACL for ARP inspection and QoS filtering and enters the ARP ACL configuration submode. clear ip arp inspection log Clears the status of the log buffer. show ip arp inspection log Displays the status of the log buffer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-42 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip auth-proxy watch-list clear ip auth-proxy watch-list To delete a single watch-list entry or all watch-list entries, use the clear ip auth-proxy watch-list command. clear ip auth-proxy watch-list {ip-addr | *} Syntax Description ip-addr IP address to be deleted from the watch list. * All watch-list entries from the watch list. Defaults This command has no default settings. Command Modes Privileged EXEC. Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you see entries in the watch list that you suspect are not valid, you can enter the clear ip auth-proxy watch-list command to clear them manually instead of waiting for the watch list to expire. Examples This example shows how to delete a single watch-list entry: Router# clear ip auth-proxy watch-list 12.0.0.2 Router# This example shows how to delete all watch-list entries: Router# clear ip auth-proxy watch-list * Router# Related Commands Command Description ip auth-proxy max-login-attempts Limits the number of login attempts at a firewall interface and QoS filtering and enters the ARP ACL configuration submode. ip auth-proxy watch-list Enables and configures an authentication proxy watch list. show ip auth-proxy watch-list Displays the information about the authentication proxy watch list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-43 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip cef epoch full clear ip cef epoch full To begin a new epoch and increment the epoch number for all tables (including the adjacency table), use the clear ip cef epoch full command. clear ip cef epoch full Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the clear ip cef epoch full command when you want to rebuild a table. This command allows old and new table entries to be distinguished within the same data structure and allows you to retain the old CEF database table while constructing the new table. These show commands display epoch information: Examples • show ip cef summary—Displays the table epoch for a specific FIB table. • show ip cef detail—Displays the epoch value for each entry of a specific FIB table. • show adjacency summary—Displays the adjacency table epoch. • show adjacency detail—Displays the epoch value for each entry of the adjacency table. This example shows the output before and after you clear the epoch table and increment the epoch number: Router# show ip cef epoch CEF epoch information: Table:Default-table Table epoch:2 (164 entries at this epoch) Adjacency table Table epoch:1 (33 entries at this epoch) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-44 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip cef epoch full Router# clear ip cef epoch full Router# show ip cef epoch CEF epoch information: Table:Default-table Table epoch:3 (164 entries at this epoch) Adjacency table Table epoch:2 (33 entries at this epoch) Router# Related Commands Command Description show adjacency detail Displays the information about the protocol detail and timer. show adjacency summary Displays a summary of CEF-adjacency information. show ip cef detail Displays detailed FIB entry information. show ip cef epoch Displays the epoch information for the adjacency table and all FIB tables. show ip cef summary Displays a summary of the FIB. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-45 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip cef inconsistency clear ip cef inconsistency To clear the statistics and records for the CEF-consistency checker, use the clear ip cef inconsistency command. clear ip cef inconsistency Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command clears the statistics and records that accumulate when you enable the ip cef table consistency-check command. Examples This example shows how to clear all statistics and records for the CEF-consistency checker: Router# clear ip cef inconsistency Router# Related Commands Command Description ip cef table consistency-check Enables the CEF-table consistency-checker types and parameters. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-46 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip dhcp snooping clear ip dhcp snooping To clear the DHCP-snooping table without disabling DHCP snooping, use the clear ip dhcp snooping command. clear ip dhcp snooping {binding | database | statistics} Syntax Description binding Clears the DHCP-snooping binding-entry table without disabling DHCP snooping. database Clears the DHCP-snooping database table without disabling DHCP snooping. statistics Clears the DHCP-snooping statistics table without disabling DHCP snooping. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the DHCP-snooping binding-entry table: Router# clear ip dhcp snooping binding Router# This example shows how to clear the DHCP-snooping database table: Router# clear ip dhcp snooping database Router# This example shows how to clear the DHCP-snooping statisics: Router# clear ip dhcp snooping statistics Router# Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping binding Displays the DHCP snooping binding entries. show ip dhcp snooping database Displays the status of the DHCP snooping database agent. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-47 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip flow stats clear ip flow stats To clear the NetFlow-switching statistics, use the clear ip flow stats command. clear ip flow stats Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The show ip cache flow command displays the NetFlow-switching statistics. Examples This example shows how to clear the NetFlow-switching statistics: Router# clear ip flow stats Router# Related Commands Command Description show ip cache flow Displays a summary of the NetFlow cache-flow entries. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-48 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip igmp group clear ip igmp group To delete the entries for the IGMP-group cache, use the clear ip igmp group command. clear ip igmp [vrf vrf-name] group [{interface interface-number} | {group-name | group-address} {loopback interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id}] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, and tengigabitethernet. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. group-name (Optional) Group name as defined in the DNS hosts table or with the ip host command. group-address (Optional) Address of the multicast group in four-part, dotted notation. loopback interface-number (Optional) Specifies the loopback interface; valid values are from 0 to 2147483647. null interface-number (Optional) Specifies the null interface; the valid value is 0. port-channel number (Optional) Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 256. vlan vlan-id (Optional) Specifies the VLAN ID; valid values are from 1 to 4094. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The IGMP cache contains a list of hosts on the directly connected LAN. If the switch has joined a group, that group is also listed in the cache. To delete all entries from the IGMP cache, specify the clear ip igmp group command with no arguments. The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-49 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip igmp group Examples This example shows how to clear the entries for a specific group from the IGMP cache: Router# clear ip igmp group 224.0.255.1 Router# This example shows how to clear the IGMP-group cache entries from a specific interface of the IGMP-group cache: Router# clear ip igmp group gigabitethernet 2/2 Router# Related Commands Command Description ip host Defines a static host name-to-address mapping in the host cache. show ip igmp groups Displays the multicast groups with receivers that are directly connected to the router and that were learned through IGMP. show ip igmp interface Displays the information about the IGMP-interface status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-50 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip igmp snooping statistics clear ip igmp snooping statistics To clear the IGMP-snooping statistics, use the clear ip igmp snooping statistics command. clear ip igmp snooping statistics [vlan vlan-id] Syntax Description vlan vlan-id Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) Specifies the VLAN ID; valid values are from 1 to 4094. Usage Guidelines If you do not enter a VLAN, the IGMP-snooping statistics for all VLANs is cleared. Examples This example shows how to clear the IGMP-snooping statistics for all VLANs: Router# clear ip igmp snooping statistics Router# This example shows how to clear the IGMP-snooping statistics for a specific VLAN: Router# clear ip igmp snooping statistics vlan 300 Router# Related Commands Command Description show ip igmp snooping statistics Displays information about IGMPv3 statistics. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-51 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip mroute clear ip mroute To delete entries from the IP multicast routing table, use the clear ip mroute command. clear ip mroute [vrf vrf-name] {* | group} [source] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. * Deletes all entries from the IP multicast routing table. group Name or IP address of the multicast group; see the “Usage Guidelines” section for additional information. source (Optional) Name or address of a multicast source that is sending to the group; see the “Usage Guidelines” section for additional information. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The group argument specifies one of the following: • Name of the multicast group as defined in the DNS hosts table or with the ip host command. • IP address of the multicast group in four-part, dotted notation. If you specify a group name or address, you can also enter the source argument to specify a name or address of a multicast source that is sending to the group. A source does not need to be a member of the group. Examples This example shows how to delete all entries from the IP multicast routing table: Router# clear ip mroute * Router# This example shows how to delete all sources on the 228.3.0.0 subnet that are sending to the multicast group 224.2.205.42 from the IP multicast routing table. This example shows how to delete all sources on network 228.3, not individual sources: Router# clear ip mroute 224.2.205.42 228.3.0.0 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-52 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip mroute Related Commands Command Description ip host Defines a static host name-to-address mapping in the host cache. show ip mroute Displays the information about the IP-multicast routing table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-53 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip msdp peer clear ip msdp peer To clear the TCP connection to the specified MSDP peer, use the clear ip msdp peer command. clear ip msdp [vrf vrf-name] peer {peer-address | peer-name} Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address | peer-name IP address or name of the MSDP peer to which the TCP connection is cleared. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command closes the TCP connection to the peer, resets all the MSDP peer statistics, and clears the input and output queues to and from the MSDP peer. Examples This example shows how to clear the TCP connection to the MSDP peer at 224.15.9.8: Router# clear ip msdp peer 224.15.9.8 Router# Related Commands Command Description ip msdp peer Configures an MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-54 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip msdp sa-cache clear ip msdp sa-cache To clear MSDP source active cache entries, use the clear ip msdp sa-cache command. clear ip msdp [vrf vrf-name] sa-cache [group-address | group-name] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. group-address | group-name (Optional) Multicast group address or name for which source active entries are cleared from the source active cache. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines In order to have any source active entries in the cache to clear, you must enable source active caching by entering the ip msdp cache-sa-state command. If no multicast group is identified by group address or name, all source active cache entries are cleared. Examples This example shows how to clear the source active entries for the multicast group 224.5.6.7 from the cache: Router# clear ip msdp sa-cache 224.5.6.7 Router# Related Commands Command Description ip msdp peer Configures an MSDP peer. ip msdp cache-sa-state Creates a source-active state on the router. show ip msdp sa-cache Displays (S, G) state learned from MSDP peers. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-55 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip msdp statistics clear ip msdp statistics To clear statistics counters for one or all of the MSDP peers without resetting the sessions, use the clear ip msdp statistics command. clear ip msdp [vrf vrf-name] statistics [peer-address | peer-name] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address | peer-name (Optional) Address or name of the MSDP peers whose statistics counters, reset count, and input/output count are cleared. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the counters for the peer named sanjose: Router# clear ip msdp statistics sanjose Router# Related Commands Command Description show ip msdp sa-cache Displays (S, G) state learned from MSDP peers. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-56 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip pim auto-rp clear ip pim auto-rp To delete entries from the Auto-RP cache, use the clear ip pim auto-rp command. clear ip pim [vrf vrf-name] auto-rp rp-address Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. rp-address Rendevous-point address; see the “Usage Guidelines” section for additional information. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When you enter the rp-address argument, only the entries related to the rendezvous point at this address are cleared. If you omit this argument, the entire Auto-RP cache is cleared. Examples This example shows how to delete all entries from the Auto-RP cache: Router# clear ip pim auto-rp 224.5.6.7 Router# Related Commands Command Description show ip pim rp mapping Displays the mappings for the PIM group to the active rendezvous points. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-57 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip pim snooping statistics clear ip pim snooping statistics To delete the IP PIM-snooping global statistics, use the clear ip pim snooping statistics command. clear ip pim snooping statistics Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the IP PIM statistics: Router# clear ip pim snooping statistics Router# Related Commands Command Description ip pim snooping (global configuration mode) Enables PIM snooping globally. show ip pim snooping statistics Displays statistical information about IP PIM snooping. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-58 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip pim snooping vlan clear ip pim snooping vlan To delete the IP PIM-snooping entries on a specific VLAN, use the clear ip pim snooping vlan command. clear ip pim snooping vlan vlan-id mac-address gda-address clear ip pim snooping vlan vlan-id mroute {* | {group-addr src-addr} {{downstream-neighbor ip-addr} | {upstream-neighbor ip-addr}}} clear ip pim snooping vlan vlan-id neighbor {* | ip-addr} Syntax Description vlan-id VLAN ID; valid values are from 1 to 4094. mac-address gda-address Specifies the multicast group MAC address to delete. mroute * Deletes all mroute entries. mroute group-addr src-addr Deletes the mroute entries at the specified group and source IP address. downstream-neighbor ip-addr Deletes the entries at the specified downstream neighbor originating the join/prune message. upstream-neighbor ip-addr Deletes the entries at the specified upstream neighbor receiving the join/prune message. neighbor * Deletes all neighbors. neighbor ip-addr Deletes the neighbor at the specified IP address. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the IP PIM statistics on a specific VLAN: Router# clear ip pim snooping vlan 25 statistics Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-59 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear ip pim snooping vlan Related Commands Command Description ip pim snooping (interface Enables PIM snooping on a specific interface. configuration mode) show ip pim snooping Displays information about IP PIM snooping. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-60 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear lacp counters clear lacp counters To clear the statistics for all interfaces belonging to a specific channel group, use the clear lacp counters command. clear lacp [channel-group] counters Syntax Description channel-group Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Channel group number; valid values are from 1 to 256. If you do not specify a channel-group, all channel groups are cleared. If you enter this command for a channel group that contains members in PAgP mode, the command is ignored. Examples This example shows how to clear the statistics for a specific group: Router# clear lacp 1 counters Router# Related Commands Command Description show lacp Displays LACP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-61 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear logging ip access-list cache clear logging ip access-list cache To clear all the entries from the OAL cache and send them to the syslog, use the clear logging ip access-list cache command. clear logging ip access-list cache Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear all the entries from the OAL cache and send them to the syslog: Router# clear logging ip access-list cache Router# Related Commands Command Description logging ip access-list cache (global configuration mode) Configures the OAL parameters globally. logging ip access-list cache (interface configuration mode) Enables an OAL-logging cache on an interface that is based on direction. show logging ip access-list Displays information about the logging IP access list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-62 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mac-address-table dynamic clear mac-address-table dynamic To clear the dynamic address entries from the MAC-address table in Layer 2, use the clear mac-address-table dynamic command. clear mac-address-table dynamic [{address mac-addr} | {interface interface interface-number} | {protocol {assigned | ip | ipx | other}}] [vlan vlan-id] Syntax Description address mac-addr (Optional) Specifies the MAC address. interface interface (Optional) Specifies the interface type; possible valid values are ethernet, fastethernet, gigabitethernet, and tengigabitethernet. See the “Usage Guidelines” section for additional valid values. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. protocol assigned (Optional) Specifies the assigned protocol bucket accounts for such protocols as DECnet, Banyan VINES, and AppleTalk. protocol ip | ipx (Optional) Specifies the protocol type of the entries to clear. protocol other (Optional) Specifies the protocol types (other than IP or IPX) of the entries to clear. vlan vlan-id (Optional) Specifies the VLAN ID; valid values are from 1 to 4094. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Enter the clear mac-address-table dynamic command with no arguments to remove all dynamic entries from the table. The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-63 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mac-address-table dynamic Examples This example shows how to clear all dynamic Layer 2 entries for a specific interface (e2/1) and protocol type (IPX): Router# clear mac-address-table dynamic interface e2/1 protocol ipx Router# Related Commands Command Description mac-address-table aging-time Configures the aging time for entries in the Layer 2 table. mac-address-table static Adds static entries to the MAC-address table or configures a static MAC address with IGMP snooping disabled for that address. show mac-address-table Displays the information about the MAC-address table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-64 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls acl counters clear mls acl counters To clear the MLS ACL counters, use the clear mls acl counters command. clear mls acl counters {all | {interface interface interface-number} [{loopback interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id}}] Syntax Description all Clears all the MLS ACL counters for all interfaces. interface interface Clears counters that are associated with the specified interface; possible valid values are ethernet, fastethernet, gigabitethernet, and tengigabitethernet. See the “Usage Guidelines” section for additional valid values. interface-number Module and port number; see the “Usage Guidelines” section for valid values. loopback interface-number (Optional) Specifies the loopback interface; valid values are from 0 to 2147483647. null interface-number (Optional) Specifies the null interface; the valid value is 0. port-channel number (Optional) Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 256. vlan vlan-id (Optional) Specifies the VLAN ID; valid values are from 1 to 4094. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you enter the clear mls acl counters all, all the MLS ACL counters for all the modules and the supervisor engines are cleared. The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to reset the MLS ACL counters in all interfaces: Router# clear mls acl counters all Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-65 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls acl counters Related Commands Command Description show tcam interface Displays information about the interface-based TCAM. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-66 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls cef ip accounting per-prefix clear mls cef ip accounting per-prefix To clear information about the IP per-prefix accounting statistics, use the clear mls cef ip accounting per-prefix command. clear mls cef ip accounting per-prefix {all | {prefix mask [instance]}} Syntax Description all Clears all per-prefix accounting statistics information. prefix Entry prefix in the format A.B.C.D. mask Entry prefix mask. instance (Optional) VPN Routing/Forwarding instance name. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear all information about the per-prefix accounting statistics: Router# clear mls cef ip accounting per-prefix all Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-67 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls cef ipv6 accounting per-prefix clear mls cef ipv6 accounting per-prefix To clear information about the IPv6 per-prefix accounting statistics, use the clear mls cef ipv6 accounting per-prefix command. clear mls cef ipv6 accounting per-prefix {all | {ipv6-address/mask [instance]}} Syntax Description all Clears all per-prefix accounting statistics information. ipv6-address Entry IPv6 address; see the “Usage Guidelines” section for formatting information. mask Entry prefix mask. instance (Optional) VPN Routing/Forwarding instance name. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When entering the ipv6-address/mask arguments, use this format, X:X:X:X::X/mask, where the valid values for mask are from 0 to 128. Examples This example shows how to clear all information about the per-prefix accounting statistics: Router# clear mls cef ipv6 accounting per-prefix all Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-68 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls ip multicast bidir-rpcache clear mls ip multicast bidir-rpcache To clear all bidirectional (Bider) rendezvous-point cache entries, use the clear mls ip multicast bidir-rpcache command. clear mls ip multicast bidir-rpcache Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to reset the Bidir counters: Router# clear mls ip multicast bidir-rpcache Router# Related Commands Command Description show mls ip multicast bidir Displays the Bidir hardware-switched entries. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-69 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls ip multicast group clear mls ip multicast group To delete an IP multicast group, use the clear mls ip multicast group command. clear mls ip multicast group {ip-name | group-address} Syntax Description ip-name Host IP name. group-address (Optional) Address of the multicast group in four-part, dotted notation. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to delete an IP multicast group: Router# clear mls ip multicast group 224.0.255.1 Router# Related Commands Command Description show mls ip multicast group Displays the entries for a specific multicast-group address. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-70 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls ip multicast statistics clear mls ip multicast statistics To reset the IP-multicast statistics counters, use the clear mls ip multicast statistics command. clear mls ip multicast statistics Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to reset the IP-multicast statistics counters: Router# clear mls ip multicast statistics Router# Related Commands Command Description show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-71 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls nde flow counters clear mls nde flow counters To clear the NDE counters, use the clear mls nde flow counters command. clear mls nde flow counters Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to reset the NDE counters: Router# clear mls nde flow counters Router# Related Commands Command Description show mls nde Displays information about the NDE hardware-switched flow. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-72 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls netflow clear mls netflow To clear the MLS NetFlow-shortcut entries, use the clear mls netflow command. clear mls netflow ip [destination ip-addr [source ip-addr-spec]] [dynamic | {sw-installed [non-static | static]}] [module mod] clear mls netflow ipv6 [destination ipv6-addr[/ipv6-prefix] [source ipv6-addr[/ipv6-prefix]]] [flow {tcp | udp}] [{destination | source} port-num] [dynamic | {sw-installed [non-static | static]}] [module mod] clear mls netflow mpls [top-label entry] [dynamic | {sw-installed [non-static | static]}] [module mod] clear mls ipx [[module mod] [destination ipx-network [ipx-node]] [source ipx-network] [macs mac-addr] [macd mac-addr] [interface interface-num] | [all]] Syntax Description ip Clears IP MLS entries. destination ip-addr (Optional) Specifies a destination full IP address or a subnet address. See the “Usage Guidelines” section for formatting guidelines. source ip-addr-spec (Optional) Specifies a source full IP address or a subnet address. See the “Usage Guidelines” section for formatting guidelines. dynamic (Optional) Clears NetFlow-statistics entries that are created in the hardware. sw-installed non-static (Optional) Clears software-installed nonstatic entries. sw-installed static (Optional) Clears software-installed static entries. module mod (Optional) Specifies a module number. ipv6 Clears IP version 6 software-installed entries. destination ipv6-addr (Optional) Specifies a destination full IPv6 address or a subnet address. See the “Usage Guidelines” section for formatting guidelines. /ipv6-prefix (Optional) IPv6 prefix; valid values are from 0 to 128. source iv6p-addr (Optional) Specifies a source full IPv6 address or a subnet address. See the “Usage Guidelines” section for formatting guidelines. flow tcp (Optional) Clears TCP flow information. flow udp (Optional) Clears UDP flow information. destination port-num (Optional) Specifies a destination port number. source port-num (Optional) Specifies a source port number. mpls Clears MPLS software-installed entries. top-label entry (Optional) Clears top-label entries; valid values are from 1 to 4294967295. ipx Clears IPX MLS entries. destination ipx-network (Optional) Specifies the destination IPX address. See the “Usage Guidelines” section for formatting guidelines. ipx-node (Optional) IPX node address. See the “Usage Guidelines” section for formatting guidelines. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-73 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls netflow source ipx-network (Optional) Specifies the source IPX address. See the “Usage Guidelines” section for formatting guidelines. macs mac-addr (Optional) Specifies the source MAC addresses to consider when searching for entries to purge. macd mac-addr (Optional) Specifies the destination MAC addresses to consider when searching for entries to purge. interface interface-num (Optional) Clears entries that are associated with the specified VLAN or interface. all (Optional) Clears all entries. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When entering the IPX address syntax, use the following format: • IPX network address—1..FFFFFFFE • IPX node address—x.x.x where x is 0..FFFF • IPX address—ipx_net.ipx_node (for example, 3.0034.1245.AB45, A43.0000.0000.0001) Entering any combination of input parameters narrows the search of entries to be cleared. The destination or source port-num keyword and argument should be specified as one of the following: telnet, FTP, WWW, SMTP, X, or DNS. Up to 16 routers can be included explicitly as MLS-RPs. Use the following syntax to specify an IP subnet address: • ip-subnet-addr or ipv6-subnet-addr—Short subnet address format. The trailing decimal number 00 in an IP or IPv6 address YY.YY.YY.00 specifies the boundary for an IP or IPv6 subnet address. For example, 172.22.36.00 indicates a 24-bit subnet address (subnet mask 172.22.36.00/255.255.255.0), and 173.24.00.00 indicates a 16-bit subnet address (subnet mask 173.24.00.00/255.255.0.0). However, this format can identify only a subnet address of 8, 16, or 24 bits. • ip-addr/subnet-mask or ipv6-addr/subnet-mask—Long subnet address format. For example, 172.22.252.00/255.255.252.00 indicates a 22-bit subnet address. This format can specify a subnet address of any bit number. To provide more flexibility, the ip-addr or ipv6-addr is a full host address, such as 172.22.253.1/255.255.252.00. • ip-addr/maskbits or ipv6-addr/maskbits—Simplified long subnet address format. The mask bits specify the number of bits of the network masks. For example, 172.22.252.00/22 indicates a 22-bit subnet address. The ip-addr or ipv6-addr is a full host address, such as 193.22.253.1/22, which has the same subnet address as the ip-subnet-addr or ipv6-subnet-addr. If you do not use the all keyword, you must specify at least one of the other four keywords (source, destination, flow, or interface) and its arguments. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-74 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls netflow A 0 value for the destination or source port-num keyword and argument clears all entries. Unspecified options are treated as wildcards, and all entries are cleared. Examples This example shows how to clear all the entries that are associated with a specific module (2) and that have a specific destination IP address (173.11.50.89): Router# clear mls netflow ip destination 173.11.50.89 module 2 Router# This example shows how to clear the IPv6 software-installed entries: Router# clear mls netflow ipv6 Router# This example shows how to clear the statistical information: Router# clear mls netflow dynamic Router# Related Commands Command Description show mls netflow ip Displays information about the hardware NetFlow IP. show mls netflow ipv6 Displays information about the hardware NetFlow IPv6 configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-75 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls qos clear mls qos To clear the MLS aggregate-QoS statistics, use the clear mls qos command. clear mls qos [{ip | ipx | mac | mpls | ipv6 | arp} [{interface interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id}]] Syntax Description ip (Optional) Clears MLS IP aggregate-QoS statistics. ipx (Optional) Clears MLS IPX aggregate-QoS statistics. mac (Optional) Clears MLS MAC aggregate-QoS statistics. mpls (Optional) Clears MLS MPLS aggregate-QoS statistics. ipv6 (Optional) Clears MLS IPv6 aggregate QoS statistics. arp (Optional) Clears MLS ARP aggregate QoS statistics. interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, and tengigabitethernet. See the “Usage Guidelines” section for additional valid values. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. null interface-number (Optional) Specifies the null interface; the valid value is 0. port-channel number (Optional) Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 256. vlan vlan-id (Optional) Specifies the VLAN ID; valid values are from 1 to 4094. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Entering the clear mls qos command affects the policing token bucket counters and might allow traffic to be forwarded that would otherwise be policed. The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-76 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls qos If you enter the clear mls qos command with no arguments, the global and per-interface aggregate QoS counters for all protocols are cleared. If you do not enter an interface type, the protocol aggregate-QoS counters for all interfaces are cleared. Examples This example shows how to clear the global and per-interface aggregate-QoS counters for all protocols: Router# clear mls qos Router# This example shows how to clear the specific protocol aggregate-QoS counters for all interfaces: Router# clear mls qos ip Router# Related Commands Command Description show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-77 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls statistics clear mls statistics To reset the MLS statistics counters, use the clear mls statistics command. clear mls statistics [module num] Syntax Description module num Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) Specifies the module number. Usage Guidelines This command replaces the clear mls stats command. Examples This example shows how to reset the MLS statistics counters for all modules: Router# clear mls statistics Router# This example shows how to reset the MLS statistics counters for a specific module: Router# clear mls statistics module 5 Router# Related Commands Command Description show mls statistics Displays the MLS statistics for the IP, IPX, multicast, Layer 2 protocol, and QoS. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-78 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear mls stats clear mls stats To clear the MLS statistics, use the clear mls stats command. clear mls stats Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the MLS statistics for all modules: Router# clear mls stats Router# Related Commands Command Description clear mls statistics Resets the MLS statistics counters. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-79 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear pagp clear pagp To clear the port-channel information, use the clear pagp command. clear pagp {group-number | counters} Syntax Description group-number Channel group number; valid values are a maximum of 64 values from 1 to 256. counters Clears traffic filters. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the port-channel information for a specific group: Router# clear pagp 324 Router# This example shows how to clear the port-channel traffic filters: Router# clear pagp counters Router# Related Commands Command Description show pagp Displays port-channel information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-80 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear platform netint clear platform netint To clear the interrupt-throttling counters for the platform, use the clear platform netint command. clear platform netint Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to clear the interrupt-throttling counters for the platform: Router# clear platform netint Router# Related Commands Command Description show platform netint Displays the platform network-interrupt information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-81 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear port-security clear port-security To delete configured secure MAC addresses and sticky MAC addresses from the MAC address table, use the clear port-security command. clear port-security dynamic [{address mac-addr} | {interface interface-id}] [vlan vlan-id] Syntax Description address mac-addr (Optional) Deletes the specified secure MAC address or sticky MAC address. interface interface-id (Optional) Deletes all secure MAC addresses and sticky MAC addresses on the specified physical port or port channel. vlan vlan-id (Optional) Deletes the specified secure MAC address or sticky MAC address from the specified VLAN. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on negotiated trunks only. If you enter the clear port-security command without adding any keywords or arguments, the switch removes all the secure MAC addresses and sticky MAC addresses from the MAC address table. If you enter the clear port-security dynamic interface interface-id command, all the secure MAC addresses and sticky MAC addresses on an interface are removed from the MAC address table. You can verify that the information was deleted by entering the show port-security command. Examples This example shows how to remove a specific secure address from the MAC address table: Router# clear port-security dynamic address 0008.0070.0007 Router# This example shows how to remove all the secure MAC addresses and sticky MAC addresses learned on a specific interface: Router# clear port-security dynamic interface gigabitethernet0/1 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-82 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear port-security Related Commands Command Description show port-security Displays information about the port-security setting. switchport port-security Adds a MAC address to the list of secure MAC addresses. mac-address Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-83 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear spanning-tree detected-protocol clear spanning-tree detected-protocol To restart the protocol migration, use the clear spanning-tree detected-protocol command. clear spanning-tree detected-protocol [interface interface interface-num] Syntax Description interface interface (Optional) Specifies the interface type and number; possible valid values for type are ethernet, fastethernet, gigabitethernet, tengigabitethernet, port-channel, and vlan. See the “Usage Guidelines” section for additional valid values. interface-num Module and port number; see the “Usage Guidelines” section for valid values for port-channel and vlan. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines RSTP and MST have built-in compatibility mechanisms that allow them to interact properly with other versions of IEEE spanning tree or other regions. For example, a bridge running RSTP can send 802.1D BPDUs on one of its ports when it is connected to a legacy bridge. An MST bridge can detect that a port is at the boundary of a region when it receives a legacy BPDU or an MST BPDU that is associated with a different region. These mechanisms are not always able to revert to the most efficient mode. For example, an RSTP bridge that is designated for a legacy 802.1D stays in 802.1D mode even after the legacy bridge has been removed from the link. Similarly, an MST port assumes that it is a boundary port when the bridges to which it is connected have joined the same region. To force the MST port to renegotiate with the neighbors, enter the clear spanning-tree detected-protocol command. The valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 2 to 13 and valid values for the port number are 1 to 48. The number of valid values for port-channel number are a maximum of 64 values ranging from 1 to 256. If you enter the clear spanning-tree detected-protocol command with no arguments, the command is applied to every port of the Catalyst 6500 series switch. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-84 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear spanning-tree detected-protocol Examples This example shows how to restart the protocol migration on a specific interface: Router# clear spanning-tree detected-protocol fa1/1 Router# Related Commands Command Description show spanning-tree mst Displays information about the MST protocol. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-85 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear top counters interface report clear top counters interface report To clear the TopN reports, use the clear top counters interface report command. clear top counters interface report number Syntax Description number Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Number of ports to be displayed; valid values are from 1 to 5000 physical ports. This command is supported on Ethernet, Fast Ethernet, Gigabit Ethernet, and 10-Gigabit Ethernet ports only. LAN ports on the OSMs are also supported. The clear top interface report command clears all the completed reports. It does not clear the pending TopN reports. When you specify a report number, the TopN task is cleared regardless of its status. Examples This example shows how to clear all TopN tasks: Router# clear top counters interface report 04:00:06: %TOPN_COUNTERS-5-DELETED: TopN report 04:00:06: %TOPN_COUNTERS-5-DELETED: TopN report 04:00:06: %TOPN_COUNTERS-5-DELETED: TopN report 04:00:06: %TOPN_COUNTERS-5-DELETED: TopN report Router# 1 2 3 4 deleted deleted deleted deleted by by by by the the the the console console console console1/24/ This example shows the output if you attempt to clear a pending TopN task: Router# clear top counters interface report 4 04:52:12: %TOPN_COUNTERS-5-KILLED: TopN report 4 killed by the sattili onvty0 (9.10.69.9) Router# Related Commands Command Description collect top counters interface Lists the TopN processes and specific TopN reports. show top counters interface report Displays TopN reports and information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-86 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clear vlan counters clear vlan counters To clear the software-cached counter values to start from zero again for a specified VLAN or all existing VLANs, use the clear vlan counters command. clear vlan [vlan-id] counters Syntax Description vlan-id Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) VLAN ID; see the “Usage Guidelines” section for valid values. Usage Guidelines If you do not specify a vlan-id; the software-cached counter values for all existing VLANs are cleared. Examples This example shows how to clear the software-cached counter values for a specific VLAN: Router# clear vlan 10 counters Clear "show vlan" counters on this vlan [confirm]y Router# Related Commands Command Description show vlan counters Displays the software-cached counter values. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-87 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clock clock To configure the port clocking mode for the 1000BASE-T transceivers, use the clock command. To return to the default settings, use the no form of this command. clock {auto | active [prefer] | passive [prefer]} no clock Syntax Description auto Enables the automatic clock configuration. active Enables the active operation. prefer (Optional) Negotiates the specified mode with the far end of the link. passive Enables the passive operation. Defaults auto Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on the 1000BASE-T transceivers only. If the clock mode of the near end of a link does not match the clock mode of the far end, the line protocol does not come up. The active and passive clock status is determined during autonegotiation before the transmission link is established. The clock command supports the following configurations: • auto—Autonegotiates with the far end of the link but gives preference to the active-clock switch. • active—Uses a local clock to determine transmitter-operation timing. • passive—Recovers the clock from the received signal and uses the recovered clock to determine transmitter-operation timing. • active prefer—Autonegotiates with the far end of the link but gives preference to the active-clock switch. • passive prefer—Autonegotiates with the far end of the link but gives preference to the passive-clock switch. Enter the show running-config interface command to display the current clock mode. Enter the show interfaces command to display the clock mode that is negotiated by the firmware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-88 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA clock Examples This example shows how to enable the active-clock operation: Router(config-if)# clock active Router(config-if)# Related Commands Command Description show interfaces Displays the traffic that is seen by a specific interface. show running-config interface Displays the status and configuration of the module or Layer 2 VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-89 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA collect top counters interface collect top counters interface To list the TopN processes and specific TopN reports, use the collect top counters interface command. collect top [number] counters interface interface-type [interval seconds] [sort-by sort-by-value] Syntax Description Defaults number (Optional) Number of ports to be displayed; valid values are from 1 to 5000 physical ports. interface-type Type of ports to be used in the TopN request; valid values are all, ethernet, fastethernet, gigabitethernet, tengigabitethernet, layer-2 vlan-num, and layer-3. interval seconds (Optional) Specifies the interval over which the statistics is gathered; valid values are from 0 to 999 seconds. sort-by sort-by-value (Optional) Specifies the port statistic to generate the report on; valid values are as follows: • broadcast—Sorts the report based on the receive and transmit broadcast packets. • bytes—Sorts the report based on the receive and transmit bytes. • errors—Sorts the report based on the receive errors. • multicast—Sorts the report based on the receive and transmit multicast packets. • overflow—Sorts the report based on the transmit overflow errors. • packets—Sorts the report based on the receive and transmit packets. • utilization—Sorts the report based on the port utilization. The defaults are as follows: • number is 20 physical ports. • sort-by-value is util. • seconds is 30 seconds. • interface-type is all. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-90 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA collect top counters interface Usage Guidelines This command is supported on Ethernet, Fast Ethernet, Gigabit Ethernet and 10-Gigabit Ethernet ports only. LAN ports on the OSMs are also supported. If you specify an interval of 0 seconds, the TopN report is generated based on the absolute counters value. You cannot specify the interval seconds keyword and argument when the sorting criteria is utilization because utilization can only be computed over an interval. When you specify the layer-2 vlan-num, valid values are from 1 to 4094 and indicates the number of the Layer 2 interface. Only a TopN task with a done status is allowed to display the report. If you try to view a report that is incomplete (pending), an appropriate message is displayed. The TopN utility collects the following port utilization data for each physical port over the seconds interval: • Total number of in and out bytes. • Total number of in and out packets. • Total number of in and out broadcast packets. • Total number of in and out multicast packets. • Total number of in errors (Ethernet ports such as CRC, undersize packets (+Runt), oversize packets, fragmentation, and jabber). • Total number of buffer-overflow errors including outlost packets; for example, these errors include transmit errors that are due to these buffer full and Ethernet ports: dmaTxOverflow and dmaTxFull. After the collection of information, the ports are sorted according to the sort-by-value argument, and the top number of ports are displayed. When the TopN reports are ready, a syslog message is displayed that the TopN reports are available. You can use the show top interface report command to view the reports. You can display the TopN reports multiple times until you enter the clear top interface report command to clear the reports. Use the clear top interface report command to clear the reports. Examples This example shows how to sort the TopN report based on the receive and transmit broadcast packets: Router# collect top 40 counters interface all sort-by broadcast Router# This example shows how to sort the TopN report based on the receive and transmit broadcast packets and specify the TopN sampling interval: Router# collect top 40 counters interface all sort-by broadcast interval 500 Router# Related Commands Command Description clear top counters interface report Clears the TopN reports. show top counters interface report Displays TopN reports and information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-91 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA control-plane control-plane To enter control-plane configuration mode, which allows users to associate or modify attributes or parameters (such as a service policy) that are associated with the control plane of the device, use the control-plane command. control-plane Syntax Description This command has no arguments or keywords. Defaults No control plane service policies are defined. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note You must set a policy action for every class. If you do not set a policy action for every class, the traffic skips the class that does not have a policy action and matches against the subsequent classes. After you enter the control-plane command, you can define aggregate control plane services for your route processor. For example, you can associate a service policy with the control plane to police all traffic that is destined to the control plane. Examples These examples show how to configure trusted hosts with source addresses 10.1.1.1 and 10.1.1.2 to forward Telnet packets to the control plane without constraint, while allowing all remaining Telnet packets to be policed at the specified rate: Router(config)# access-list 140 deny tcp host 10.1.1.1 any eq telnet ! Allow 10.1.1.2 trusted host traffic. Router(config)# access-list 140 deny tcp host 10.1.1.2 any eq telnet ! Rate limit all other Telnet traffic. Router(config)# access-list 140 permit tcp any any eq telnet ! Define class-map “telnet-class.” Router(config)# class-map telnet-class Router(config-cmap)# match access-group 140 Router(config-cmap)# exit Router(config)# policy-map control-plane Router(config-pmap)# class telnet-class Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-92 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA control-plane Router(config-pmap-c)# police 80000 conform transmit exceed drop Router(config-pmap-c)# exit Router(config-pmap)# exit ! Define aggregate control plane service for the active Route Processor. Router(config)# control-plane Router(config-cp)# service-policy input control-plane-policy Router(config-cp)# exit Related Commands Command Description class (policy-map) Specifies the name of the class that has a policy that you want to create or change or to specify the default class (commonly known as the class-default class) before you configure its policy. class-map Accesses the QoS class-map configuration mode to configure QoS class maps. drop Configures a traffic class to discard packets belonging to a specific class. match access-group Configures the match criteria for a class map on the basis of the specified ACL. policy-map Accesses QoS policy-map configuration mode to configure the QoS policy map. service-policy (control-plane) Attaches a policy map to a control plane for aggregate control plane services. show policy-map control-plane Displays the configuration either of a class or of all classes for the policy map of a control plane. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-93 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA copy /noverify copy /noverify To disable the automatic image verification for the current copy operation, use the copy /noverify command. copy /noverify source-url destination-url Syntax Description source-url Location URL or alias of the source file or directory to be copied; see the “Usage Guidelines” section for additional information. destination-url Destination URL or alias of the copied file or directory; see the “Usage Guidelines” section for additional information. Defaults Verification is done automatically after completion of a copy operation. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Timesaver The exact format of the source and destination URLs varies according to the file or directory location. You may enter either an alias keyword for a particular file or an alias keyword for a file system type (not a file within a type). Aliases are used to cut down on the amount of typing that you need to perform. For example, it is easier to type copy run start (the abbreviated form of the copy running-config startup-config command) than it is to type copy system:r nvram:s (the abbreviated form of the copy system:running-config nvram:startup-config command). These aliases allow you to continue using some of the common commands that are used in previous versions of Cisco IOS software. Table 2-3 shows two keyword shortcuts to URLs. Table 2-3 Common Keyword Aliases to URLs Keyword Source or Destination running-config (Optional) Specifies the alias for the system:running-config URL. This keyword does not work in the more and show file command syntaxes. startup-config (Optional) Specifies the alias for the nvram:startup-config URL. The nvram:startup-config keyword represents the configuration file that is used during initialization (startup). This file is contained in NVRAM. This keyword does not work in more and show file EXEC command syntaxes. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-94 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA copy /noverify Table 2-4 through Table 2-6 list aliases by file system type. If you do not specify an alias, the system looks for a file in the current directory. Table 2-4 lists the URL prefix aliases for special (opaque) file systems, Table 2-5 lists the URL prefix aliases for network file systems, and Table 2-6 lists the URL prefix aliases for local writable storage file systems. Table 2-4 URL Prefix Aliases for Special File Systems Alias Source or Destination flh: Source URL for flash load helper log files. nvram: Router NVRAM. You can copy the startup configuration into or from NVRAM. You can also display the size of a private configuration file. null: Null destination for copies or files. You can copy a remote file to null to determine its size. system: Source or destination URL for system memory, which includes the running configuration. xmodem: Source destination for the file from a network device that uses the Xmodem protocol. ymodem: Source destination for the file from a network device that uses the Ymodem protocol. Table 2-5 URL Prefix Aliases for Network File Systems Alias Source or Destination ftp: Source or destination URL for an FTP network server. The syntax for this alias is as follows: ftp:[[[//username [:password]@]location]/directory]/filename. rcp: Source or destination URL for an rcp network server. The syntax for this alias is as follows: rcp:[[[//username@]location]/directory]/filename. tftp: Source or destination URL for a TFTP network server. The syntax for this alias is tftp:[[//location]/directory]/filename. Table 2-6 URL Prefix Aliases for Local Writable Storage File Systems Alias Source or Destination bootflash: Source or destination URL for boot flash memory. disk0: and disk1: Source or destination URL of rotating media. flash: Source or destination URL for flash memory. This alias is available on all platforms. For platforms that lack a flash device, note that flash: is aliased to slot0:, allowing you to refer to the main flash memory storage area on all platforms. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-95 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA copy /noverify Table 2-6 URL Prefix Aliases for Local Writable Storage File Systems (continued) Alias Source or Destination slavebootflash: Source or destination URL for internal flash memory on the slave RSP card of a device that is configured for HSA. slaveram: NVRAM on a slave RSP card of a device that is configured for HSA. slavedisk0: Source or destination URL of the first PCMCIA card on a slave RSP card of a device that is configured for HSA. slavedisk1: Source or destination URL of the second PCMCIA slot on a slave RSP card of a device that is configured for HSA. slaveslot0: Source or destination URL of the first .PCMCIA card on a slave RSP card of a router configured for HSA—Not supported slaveslot1: Source or destination URL of the second PCMCIA slot on a slave RSP card of a router configured for HSA—Not supported. slot0: Source or destination URL of the first PCMCIA flash memory card—Not supported. slot1: Source or destination URL of the second PCMCIA flash memory card—Not supported. You can enter on the command line all necessary source- and destination-URL information and the username and password to use, or you can enter the copy command and have the switch prompt you for any missing information. If you enter information, choose one of the following three options: running-config, startup-config, or a file system alias (see Table 2-3 through Table 2-6). The location of a file system dictates the format of the source or destination URL. The colon is required after the alias. However, earlier commands that do not require a colon remain supported but are unavailable in context-sensitive help. The entire copying process may take several minutes and differs from protocol to protocol and from network to network. In the alias syntax for ftp:, rcp:, and tftp:, the location is either an IP address or a hostname. The filename is specified for the directory that is used for file transfers. Enter the file verify auto command to set up verification globally. Examples This example shows how to disable the automatic image verification for the current copy operation: Router# copy /noverify tftp: sup-bootflash: ................................................. [OK - 24301348 bytes] 24301348 bytes copied in 157.328 secs (154463 bytes/sec) Router# Related Commands Command Description file verify auto Verifies the compressed Cisco IOS image checksum. verify Verifies the checksum of a file on a flash memory file system or computes an MD5 signature for a file. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-96 OL-11437-01 22 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA define interface-range define interface-range To create an interface-range macro, use the define interface-range command. define interface-range macro-name interface-range Syntax Description macro-name Name of the interface range macro; the macro name can contain up to 32 characters. interface-range Interface range; for a list of valid values for interface ranges, see the “Usage Guidelines” section. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The macro name is a 32-character maximum character string. A macro can contain up to five ranges. An interface range cannot span slots. When entering the interface-range, these formats can be used: • card-type {slot}/{first-interface} - {last-interface} • card-type {slot}/{first-interface} - {last-interface} Valid values for card-type are as follows: • ethernet • fastethernet • gigabitethernet • loopback • tengigabitethernet • tunnel • vlan vlan-id (valid values are from 1 to 4094) • port-channel interface-number (valid values are from 1 to 256) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-97 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA define interface-range Examples This example shows how to create a multiple-interface macro: Router(config)# define interface-range macro1 ethernet 1/2 - 5, fastethernet 5/5 - 10 Router(config)# Related Commands Command Description interface range Executes a command on multiple ports at the same time. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-98 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic bootup level diagnostic bootup level To set the bootup diagnostic level, use the diagnostic bootup level command. To skip all diagnostic tests, use the no form of this command. diagnostic bootup level {minimal | complete} default diagnostic bootup level no diagnostic bootup level Syntax Description minimal Specifies minimal diagnostics; see the “Usage Guidelines” section for additional information. complete Specifies complete diagnostics; see the “Usage Guidelines” section for additional information. default Returns to the default setting. Defaults minimal Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Setting the diagnostic level determines the level of testing that occurs when the system or module is reset. The two levels are as follows: • Complete—Runs all tests. • Minimal—Runs only EARL tests for the supervisor engine and loopback tests for all ports in the system. Although the default is minimal, you can set the diagnostic level to complete for troubleshooting hardware problems. In certain circumstances, you might want to skip the bootup online diagnostics completely. For example, you might skip the bootup online diagnostics to verify that a port is as bad as online diagnostics reports. To skip online diagnostic testing completely, enter the no diagnostic bootup level command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-99 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic bootup level For information on the diagnostic test types, see the show diagnostic command. The new level takes effect at the next reload or the next time that an online insertion and removal is performed. Examples This example shows how to set the bootup diagnostic level: Router(config)# diagnostic bootup level complete Router(config)# Related Commands Command Description show diagnostic bootup level Displays the coverage level for the configured boot-up diagnostics. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-100 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic cns diagnostic cns To configure the CNS diagnostics, use the diagnostic cns command. To disable sending diagnostic results to the CNS event bus, use the no form of this command. diagnostic cns {publish | subscribe} [subject] default diagnostic cns {publish | subscribe} no diagnostic cns {publish | subscribe} [subject] Syntax Description publish Sends diagnostic results to a remote network application to make decisions and take corrective actions that are based on the diagnostic results. subscribe Receives messages from remote network applications to perform diagnostic tests or retrieve diagnostic results. subject (Optional) Event subject name. default Sets the default. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The online diagnostics receive events by subscribing to an event subject name. The subject is the event that you subscribe (receive) or publish (generate) through the CNS bus. The diagnostic cns publish command sends diagnostic results to a remote network application to make decisions and take corrective actions that are based on the diagnostic results. The diagnostic cns subscribe command receives messages from remote network applications to perform diagnostic tests or retrieve diagnostic results. Examples This example shows how to enable the publishing of diagnostic results: Router(config)# diagnostic cns publish Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-101 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic cns This example shows how to receive messages from remote network applications to perform diagnostic tests or retrieve diagnostic results: Router(config)# diagnostic cns subscribe Router(config)# This example shows how to set the default to publish: Router(config)# default diagnostic cns publish Router(config)# Related Commands Command Description show diagnostic cns Displays the information about the CNS subject. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-102 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic event-log size diagnostic event-log size To modify the diagnostic event-log size dynamically, use the diagnostic event-log size command. To return to the default settings, use the no form of this command. diagnostic event-log size size default diagnostic event-log size no diagnostic event-log size Syntax Description size Diagnostic event-log size; valid values are from 1 to 10000 entries. default Returns to the default setting. Defaults The size is 500 entries. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The events are dynamically allocated and stored in a circular queue. You can enter either the default diagnostic event-log size command or the no diagnostic event-log size command to return to the default settings. Examples This example shows how to set the diagnostic event-log size: Router(config)# diagnostic event-log size 600 Router(config)# Related Commands Command Description show diagnostic events Displays the event log for the diagnostic events. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-103 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic monitor diagnostic monitor To configure the health-monitoring diagnostic testing, use the diagnostic monitor command. To disable testing, use the no form of this command. diagnostic monitor interval {module num} test {test-id | test-id-range | all} [hour hh] [min mm] [second ss] [millisec ms] [day day] diagnostic monitor syslog diagnostic monitor {module num} test {test-id | test-id-range | all} no diagnostic monitor {interval | syslog} Syntax Description Defaults interval Sets the interval between testing. module num Specifies the module number. test Specifies a test to run. test-id Identification number for the test to be run; see the “Usage Guidelines” section for additional information. test-id-range Range of identification numbers for tests to be run; see the “Usage Guidelines” section for additional information. all Runs all the diagnostic tests. hour hh (Optional) Specifies the number of hours between tests; see the “Usage Guidelines” section for formatting guidelines. min mm (Optional) Specifies the number of minutes between tests; see the “Usage Guidelines” section for formatting guidelines. second ss (Optional) Specifies the number of seconds between tests; see the “Usage Guidelines” section for formatting guidelines. millisec ms (Optional) Specifies the number of milliseconds between tests; see the “Usage Guidelines” section for formatting guidelines. day day (Optional) Specifies the number of days between tests; see the “Usage Guidelines” section for formatting guidelines. syslog Enables the generation of a syslog message when a health-monitoring test fails. The defaults are as follows: Command Modes • Depending on the test run, monitoring may be enabled or disabled. • Depending on the test run, the default monitoring interval varies. • syslog is enabled. Global configuration Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-104 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic monitor Command History Usage Guidelines Release Modification 12.2(18)ZY Support for this command was introduced. Use these guidelines when scheduling testing: • test-id—Enter the show diagnostic content command to display the test ID list. • test-id-range—Enter the show diagnostic content command to display the test ID list. Enter the range as integers separated by a comma and a hyphen (for example, 1,3-6 specifies test IDs 1, 3, 4, 5, and 6). • hh—Enter the hours from 1 to 24. • mm—Enter the minutes from 1 to 60. • day—Enter the day of the week as a number from 1 to 7 (1 is Sunday). • ss—Enter the seconds from 1 to 60. • ms—Enter the milliseconds from 1 to 1000. Enter the [no] diagnostic monitor test {test-id | test-id-range | all} command to enable or disable the specified health monitoring test. When entering the diagnostic monitor {module num} test {test-id | test-id-range | all} command, observe the following: • Required – Isolate network traffic by disabling all connected ports and do not pump test packets during the test. – Remove all modules for testing FIB TCAM and SSRAM memory on the PFC of the supervisor engine. – Reset the system or the test module before putting the system back into the normal operating mode. • Recommended – Turn off all background health-monitoring tests on the supervisor engine and the modules using the no diagnostic monitor {module num} test {test-id | test-id-range | all} command. The FIB TCAM test for central PFC3B (on the supervisor engine) takes approximately 4 hours and 30 minutes. The FIB TCAM test takes approximately 16 hours. Examples This example shows how to run the specified test every 3 days, 10 hours, and 2 minutes: Router(config)# diagnostic monitor interval module 1 test 1 day 3 hours 10 min 2 Router(config)# This example shows how to enable the generation of a syslog message when any health-monitoring test fails: Router(config)# diagnostic monitor syslog Router(config)# Related Commands Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-105 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic monitor Command Description show diagnostic content Displays test information including test ID, test attributes, and supported coverage test levels for each test and for all modules. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-106 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic ondemand diagnostic ondemand To configure the ondemand diagnostics, use the diagnostic ondemand command. diagnostic ondemand {iteration iteration-count} | {action-on-error {continue | stop} [error-count]} Syntax Description Defaults iteration iteration-count Sets the number of times that the same test will be rerun when the command is issued. action-on-error Sets the execution action when an error is detected. continue Continues testing when a test failure is detected. stop Stops testing when a test failure is detected. error-count (Optional) Number of errors that are allowed before stopping; used with the continue option. The default settings are as follows: • iteration-count is 1. • action-on-error is continue. • error-count is 0. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Entering 0 for the error-count sets the number of errors that are allowed to unlimited. Examples This example shows how to set the on-demand testing iteration count: Router# diagnostic ondemand iteration 4 Router# This example shows how to set the execution action when an error is detected: Router# diagnostic ondemand action-on-error continue 2 Router# Related Commands Command Description show diagnostic ondemand Displays the settings for the on-demand diagnostics. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-107 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic schedule test diagnostic schedule test To set the scheduling of test-based diagnostic testing for a specific module or schedule a supervisor engine switchover, use the diagnostic schedule test command. To remove the scheduling, use the no form of this command. diagnostic schedule {module {num | active-sup-slot}} test {test-id | test-id-range | all} [port {num | num-range | all}] {on mm dd yyyy hh:mm} | {daily hh:mm} | {weekly day-of-week hh:mm} no diagnostic schedule test Syntax Description module num Specifies the module number. module active-sup-slot Specifies the slot number of the active supervisor engine. test-id Identification number for the test to be run; see the “Usage Guidelines” section for additional information. test-id-range Range of identification numbers for tests to be run; see the “Usage Guidelines” section for additional information. all Runs all diagnostic tests. port (Optional) Specifies the port to schedule testing. num Port number. num-range Range of port numbers, separated by a hyphen. all Specifies all ports. on mm dd yyyy hh:mm Specifies the scheduling of a test-based diagnostic task; see the “Usage Guidelines” section for formatting guidelines. daily hh:mm Specifies the daily scheduling of a test-based diagnostic task; see the “Usage Guidelines” section for formatting guidelines. weekly day-of-week hh:mm Specifies the weekly scheduling of a test-based diagnostic task; see the “Usage Guidelines” section for formatting guidelines. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-108 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic schedule test Usage Guidelines Use these guidelines when scheduling testing: • test-id—Enter the show diagnostic content command to display the test ID list. • test-id-range—Enter the show diagnostic content command to display the test ID list. Enter the range as integers separated by a comma and a hyphen (for example, 1,3-6 specifies test IDs 1, 3, 4, 5, and 6). • num-range—Enter the range as integers separated by a comma and a hyphen (for example, you can enter 1,3-6 to specify ports 1, 3, 4, 5, and 6). • mm—Spell out the month such as january, february ... december (either uppercase or lowercase characters). • dd—Enter the day as a 2-digit number. • yyyy—Enter the year as a 4-digit number. • hh:mm—Enter the time as a 2-digit number (for a 24-hour clock) for hours:minutes; the colon (:) is required. • day-of-week—Spell out the day of the week, such as monday, tuesday... sunday (either uppercase or lowercase characters). • port {num | num-range | all}—Is not supported when specifying a scheduled switchover. Enter the show diagnostic content command to display the test ID list. You can use the diagnostic schedule module active-sup-slot test test-id command to schedule a switchover from the active supervisor engine to the standby supervisor engine. Enter the show diagnostic content active-sup-slot command to display the test ID list and look for the test ID in the ScheduleSwitchover field. You can specify a periodic switchover (daily or weekly) or a single switchover occurrence at a specific time using these commands: Note Examples • diagnostic schedule module active-sup-slot test test-id on mm dd yyyy hh:mm • diagnostic schedule module active-sup-slot test test-id daily hh:mm • diagnostic schedule module active-sup-slot test test-id weekly day-of-week hh:mm To avoid system downtime if the standby supervisor engine cannot switch over the system, we recommend that you schedule a switchover from the standby supervisor engine to the active supervisor engine 10 minutes after the switchover occurs. See the “Examples” section for additional information. This example shows how to schedule the diagnostic testing on a specific date and time for a specific module and port: Router(config)# diagnostic schedule module 1 test 1,2,5-9 port 3 on january 3 2003 23:32 Router(config)# This example shows how to schedule the diagnostic testing to occur daily at a certain time for a specific port and module: Router(config)# diagnostic schedule module 1 test 1,2,5-9 port 3 daily 12:34 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-109 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic schedule test This example shows how to schedule the diagnostic testing to occur weekly on a certain day for a specific port and module: Router(config)# diagnostic schedule module 1 test 1,2,5-9 port 3 weekly friday 09:23 Router(config)# This example shows how to schedule a switchover for the active supervisor engine every Friday at 10:00 pm, and switch the standby supervisor engine back to the active supervisor engine 10 minutes after the switchover occurs. For this example, these conditions apply: Related Commands • test-id is 32. • The active supervisor engine is in slot 5. • The standby supervisor engine is in slot 6. Command Description show diagnostic content Displays test information including test ID, test attributes, and supported coverage test levels for each test and for all modules. show diagnostic schedule Displays the current scheduled diagnostic tasks. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-110 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic start diagnostic start To run the specified diagnostic test, use the diagnostic start command. diagnostic start {module num} test {test-id | test-id-range | minimal | complete | basic | per-port | non-disruptive | all} [port {num | port#-range | all}] Syntax Description module num Specifies the module number. test Specifies a test to run. test-id Identification number for the test to be run; see the “Usage Guidelines” section for additional information. test-id-range Range of identification numbers for tests to be run; see the “Usage Guidelines” section for additional information. minimal Runs minimal bootup diagnostic tests. complete Runs complete bootup diagnostic tests. basic Runs basic on-demand diagnostic tests. per-port Runs per-port level tests. non-disruptive Runs the nondisruptive health-monitoring tests. all Runs all diagnostic tests. port num (Optional) Specifies the interface port number. port port#-range Specifies the interface port number range; see the “Usage Guidelines” section for additional information. port all Specifies all ports. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note We recommend that before you enable any online diagnostics tests that you enable the logging console/monitor to see all warning messages. Note We recommend that when you are running disruptive tests that you only run the tests when connected through console. When disruptive tests are complete a warning message on the console recommends that that you reload the system to return to normal operation. Note: Strictly follow this warning. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-111 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic start Note While this test is running, all ports are shut down as a stress test is being performed with looping ports internally and external traffic might skew the test results. The entire switch must be rebooted to bring the switch to normal operation. When you issue the command to reload the switch, the system will ask you if the configuration should be saved. Note: Do not save the configuration. Note If you are running the tests on a module that is not the supervisor engine, after the test is initiated and complete, you must reset the module. Note Do not enter the diagnostic start module x test all command on systems that are configured with a DFC3A because this command causes the TCAM test to fail. Enter the show diagnostic content command to display the test ID list. Enter the test-id-range or port#-range as integers separated by a comma and a hyphen (for example, 1,3-6 specifies test IDs 1, 3, 4, 5, and 6). Use the diagnostic stop command to stop the testing process. Examples This example shows how to run the specified diagnostic test at the specified slot: Router# diagnostic start module 1 test 5 Module 1:Running test(s) 5 may disrupt normal system operation Do you want to run disruptive tests? [no]yes 00:48:14:Running OnDemand Diagnostics [Iteration #1] ... 00:48:14:%DIAG-SP-6-TEST_RUNNING:Module 1:Running TestNewLearn{ID=5} ... 00:48:14:%DIAG-SP-6-TEST_OK:Module 1:TestNewLearn{ID=5} has completed successfully 00:48:14:Running OnDemand Diagnostics [Iteration #2] ... 00:48:14:%DIAG-SP-6-TEST_RUNNING:Module 1:Running TestNewLearn{ID=5} ... 00:48:14:%DIAG-SP-6-TEST_OK:Module 1:TestNewLearn{ID=5} has completed successfully Router# Related Commands Command Description diagnostic stop Stops the testing process. show diagnostic Displays the test results of the online diagnostics and lists the supported test suites. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-112 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA diagnostic stop diagnostic stop To stop the testing process, use the diagnostic stop command. diagnostic stop {module num} Syntax Description module num Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Module number. Usage Guidelines Use the diagnostic start command to start the testing process. Examples This example shows how to stop the diagnostic test process: Router# diagnostic stop module 3 Router# Related Commands Command Description diagnostic start Runs the testing process. show diagnostic Displays the test results of the online diagnostics and lists the supported test suites. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-113 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA disconnect qdm disconnect qdm To disconnect a QDM session, use the disconnect qdm command. disconnect qdm [{client client-id}] Syntax Description client client-id Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Specifies a client to disconnect. QDM is not supported on OSM interfaces. If you enter the disconnect qdm command without any arguments, all QDM sessions are disconnected. You can obtain the client-id by entering the show qdm status command. Examples This example shows how to disconnect a QDM session: Router# disconnect qdm client 1 Router# Related Commands Command Description show qdm status Displays information about the status for the currently active QDM clients who are connected to the Catalyst 6500 series switch. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-114 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA do do To execute the EXEC-level commands from global configuration mode or other configuration modes or submodes, use the do command. do command Syntax Description command Defaults This command has no default settings. Command Modes Global configuration or any other configuration mode or submode from which you are executing the EXEC-level command. Command History Release Modification 12.2(18)ZY Support for this command was introduced. EXEC-level command to be executed. Usage Guidelines Caution Do not enter the do command in EXEC mode. Interruption of service may occur. You cannot use the do command to execute the configure terminal command because entering the configure terminal command changes the mode to configuration mode. You cannot use the do command to execute the copy or write command in the global configuration or any other configuration mode or submode. Examples This example shows how to execute the EXEC-level show interfaces command from within global configuration mode: Router(config)# do show interfaces serial 3/0 Serial3/0 is up, line protocol is up Hardware is M8T-RS232 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input never, output 1d17h, output hang never Last clearing of "show interface" counters never . . . Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-115 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA dot1x default dot1x default To reset the configurable 802.1X parameters to the default settings, use the dot1x default command. dot1x default Syntax Description This command has no arguments or keywords. Defaults The default values are as follows: • The per-interface 802.1X protocol enable state is disabled (force-authorized). • The number of seconds between reauthentication attempts is 3600 seconds. • The quiet period is 60 seconds. • The retransmission time is 30 seconds. • The maximum retransmission number is 2 times. • The multiple host support is disabled. • The client timeout period is 30 seconds. • The authentication server timeout period is 30 seconds. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to reset the configurable 802.1X parameters to the default values: Router(config-if)# dot1x default Setting the Default Configuration for Dot1x on this interface Router(config-if)# Related Commands Command Description show dot1x Displays 802.1X information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-116 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA dot1x max-req dot1x max-req To set the number of times that the switch sends an EAP-request/identity frame to the client before restarting the authentication process, use the dot1x max-req command. To return to the default settings, use the no form of this command. dot1x max-req count no dot1x max-req Syntax Description count Defaults The count is 2. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Number of times that the switch sends an EAP-request/identity frame to the client before restarting the authentication process; valid values are from 1 to 10. Usage Guidelines You should change the default value only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain clients and authentication servers. Examples This example shows how to set 5 as the number of times that the switch sends an EAP-request/identity request before restarting the authentication process: Router(config-if)# dot1x max-req 5 Router(config-if)# Related Commands Command Description show dot1x Displays 802.1X information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-117 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA dot1x multi-hosts dot1x multi-hosts To allow multiple hosts (clients) on an 802.1X-authorized port, use the dot1x multi-hosts command. To disallow multiple hosts, use the no form of this command. dot1x multi-hosts no dot1x multi-hosts Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Before entering this command, ensure that the dot1x port-control command is set to auto for the specified interface. Examples This example shows how to allow multiple hosts: Router(config-if)# dot1x multi-hosts Router(config-if)# This example shows how to disallow multiple hosts: Router(config-if)# no dot1x multi-hosts Router(config-if)# Related Commands Command Description dot1x port-control Sets the port control value. show dot1x Displays 802.1X information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-118 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA dot1x port-control dot1x port-control To set the port control value, use the dot1x port-control command. To return to the default settings, use the no form of this command. dot1x port-control value no dot1x port-control Syntax Description value Defaults force-authorized Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Port-control value; valid values are auto, force-authorized, and force-unauthorized; see the “Usage Guidelines” section for more information. The port-control value definitions are as follows: • force-authorized—Disables 802.1X port-based authentication and causes the port to transition to the authorized state without any authentication exchange required. The port transmits and receives normal traffic without 802.1X-based authentication of the client. • force-unauthorized—Causes the port to remain in the unauthorized state, ignoring all attempts by the client to authenticate. Authentication services are not provided to the client through the interface. • auto—Enables 802.1X port-based authentication and causes the port to begin in the unauthorized state, allowing only EAPOL frames to be sent and received through the port. The authentication process begins when the link state of the port transitions from down to up or when an EAPOL-start frame is received. The system requests the identity of the client and begins relaying authentication messages between the client and the authentication server. Each client attempting to access the network is uniquely identified by the system by using the client’s MAC address. To check the port-control configuration, enter the show dot1x command and check the Status column in the 802.1X Port Summary section. An enabled status means that the port-control value is set either to auto or to force-unauthorized. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-119 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA dot1x port-control Examples This example shows how to set the port control to auto: Router(config-if)# dot1x port-control auto Router(config-if)# Related Commands Command Description show dot1x Displays 802.1X information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-120 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA dot1x reauthentication dot1x reauthentication To enable periodic reauthentication of the client, use the dot1x reauthentication command. To return to the default settings, use the no form of this command. dot1x reauthentication no dot1x reauthentication Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Reauthentication does not disturb the status of an already authorized port. Examples This example shows how to enable periodic reauthentication of the client: Router(config-if)# dot1x reauthentication Router(config-if)# This example shows how to disable periodic reauthentication of the client: Router(config-if)# no dot1x reauthentication Router(config-if)# Related Commands Command Description dot1x timeout Sets the reauthentication timer. show dot1x Displays 802.1X information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-121 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA dot1x system-auth-control dot1x system-auth-control To enable 802.1X globally, use the dot1x system-auth-control command. To disable 802.1X globally, use the no form of this command. dot1x system-auth-control no dot1x system-auth-control Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You must enable AAA and specify the authentication method list before enabling 802.1X. A method list describes the sequence and authentication methods to be queried to authenticate a user. Examples This example shows how to enable 802.1X globally: Router(config)# dot1x system-auth-control Router(config)# This example shows how to disable 802.1X globally: Router(config)# no dot1x system-auth-control Router(config)# Related Commands Command Description aaa authentication dot1x Specifies one or more AAA methods for use on interfaces running IEEE 802.1X. aaa new-model Enables the AAA access-control model. show dot1x Displays 802.1X information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-122 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA dot1x timeout dot1x timeout To set the reauthentication timer, use the dot1x timeout command. To return to the default settings, use the no form of this command. dot1x timeout {{reauth-period seconds} | {quiet-period seconds} | {tx-period seconds} | {supp-timeout seconds} | {server-timeout seconds}} no dot1x timeout {reauth-period | quiet-period | tx-period | supp-timeout | server-timeout} Syntax Description Defaults reauth-period seconds Specifies the number of seconds between reauthentication attempts; valid values are from 1 to 65535. See the “Usage Guidelines” section for additional information. quiet-period seconds Specifies the number of seconds that the system remains in the quiet state following a failed authentication exchange with the client; valid values are from 0 to 65535 seconds. tx-period seconds Specifies the number of seconds that the system waits for a response to an EAP-request/identity frame from the client before retransmitting the request; valid values are from 30 to 65535 seconds. supp-timeout seconds Specifies the number of seconds that the system waits for the retransmission of EAP-request packets; valid values are from 30 to 65535 seconds. server-timeout seconds Specifies the number of seconds that the system waits for the retransmission of packets by the back-end authenticator to the authentication server; valid values are from 30 to 65535 seconds. The defaults are as follows: • reauth-period is 3600 seconds. • quiet-period is 60 seconds. • tx-period is 30 seconds. • supp-timeout is 30 seconds. • server-timeout is 30 seconds. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-123 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA dot1x timeout Usage Guidelines You must enable periodic reauthentication before you enter the dot1x timeout reauth-period command. Enter the dot1x reauthentication command to enable periodic reauthentication. The dot1x timeout reauth-period command affects the behavior of the system only if periodic reauthentication is enabled. Examples This example shows how to set the number of seconds between reauthentication attempts to 4000: Router(config-if)# dot1x timeout reauth-period 4000 Router(config-if)# This example shows how to set the quiet time on the system to 30 seconds: Router(config-if)# dot1x timeout quiet-period 30 Router(config-if)# This example shows how to set 60 as the number of seconds to wait for a response to an EAP-request/identity frame from the client before retransmitting the request: Router(config-if)# dot1x timeout tx-period 60 Router(config-if)# This example shows how to set the system-to-client retransmission time for the EAP-request frame to 25 seconds: Router(config-if)# dot1x timeout supp-timeout 25 Router(config-if)# This example shows how to set the system-to-authentication-server retransmission time for transport layer packets to 25 seconds: Router(config-if)# dot1x timeout server-timeout 25 Router(config-if)# This example shows how to return to the default reauthorization period: Router(config-if)# no dot1x timeout reauth-period Router(config-if)# Related Commands Command Description dot1x reauthentication Enables periodic reauthentication of the client. show dot1x Displays 802.1X information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-124 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA duplex duplex To configure the duplex operation on an interface, use the duplex command. To return the system to half-duplex mode, use the no form of this command. duplex {full | half} no duplex Syntax Description full Specifies full-duplex operation. half Specifies half-duplex operation. Defaults half Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Table 2-7 lists the supported command options by interface. Table 2-7 Supported duplex Command Options Supported Syntax Interface Type 10/100-Mbps module duplex [half | full] Default Setting Usage Guidelines See the “Usage Guidelines” section. If the speed is set to auto, you will not be able to set duplex. If the speed is set to 10 or 100, and you do not configure the duplex setting, the duplex is set to half. 100-Mbps fiber modules duplex [half | full] half — Gigabit Ethernet Interfaces duplex full full — 10-Mbps ports duplex [half | full] half — Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-125 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA duplex If the transmission speed on a 16-port RJ-45 Gigabit Ethernet port is set to 1000, the duplex mode is set to full. If the transmission speed is changed to 10 or 100, the duplex mode stays at half duplex. You must configure the correct duplex mode when the transmission speed is changed to 10 or 100 from 1000. Gigabit Ethernet is full duplex only. You cannot change the duplex mode on Gigabit Ethernet ports or on a 10/100/1000-Mps port that is configured for Gigabit Ethernet. When manually configuring the interface speed to either 10 or 100 Mbps, you should also configure the duplex mode on the interface. Note Caution Catalyst 6500 series switches cannot automatically negotiate the interface speed and duplex mode if either connecting interface is configured to a value other than auto. Changing the interface speed and duplex mode configuration might shut down and reenable the interface during the reconfiguration. Table 2-8 describes the relationship and the results for the different combinations of the duplex and speed commands. Table 2-8 Examples Relationship Between duplex and speed Commands duplex Command speed Command Resulting System Action duplex half or duplex full speed auto Autonegotiates both speed and duplex modes duplex half speed 10 Forces 10 Mbps and half duplex duplex full speed 10 Forces 10 Mbps and full duplex duplex half speed 100 Forces 100 Mbps and half duplex duplex full speed 100 Forces 100 Mbps and full duplex This example shows how to configure the interface for full-duplex operation: Router(config-if)# duplex full Router(config-if)# Related Commands Command Description interface Selects an interface to configure and enters interface configuration mode. show controllers Displays information that is specific to the hardware on a module. show interfaces Displays the traffic that is seen by a specific interface. speed Sets the port speed for an Ethernet interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-126 OL-11437-01 2 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA eigrp event-log-size eigrp event-log-size To set the size of the IP-EIGRP event log, use the eigrp event-log-size command. eigrp event-log-size size Syntax Description size Defaults This command has no default settings. Command Modes Router configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. IP-EIGRP event log size; valid values are from 0 to 4294967295. Usage Guidelines Once the configured event log size has been exceeded, the last configured (event-log-size) number of lines of log is retained. Examples This example shows how to set the size of the IP-EIGRP event log: Router (config-router)# eigrp event-log-size 5000010 Router (config-router)# Related Commands Command Description clear ip eigrp event Clears the IP-EIGRP event log. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-127 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA encapsulation dot1q encapsulation dot1q To enable the IEEE 802.1Q encapsulation of traffic on a specified subinterface in the VLANs, use the encapsulation dot1q command. encapsulation dot1q vlan-id [native] Syntax Description vlan-id Virtual LAN identifier; valid values are from 1 to 4094. native (Optional) Sets the PVID value of the port to the vlan-id value. Defaults This command has no default settings. Command Modes Subinterface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Always use the native keyword when the vlan-id is the ID of the 802.1Q native VLAN. Do not configure encapsulation on the native VLAN of an 802.1Q trunk without the native keyword. To enter the subinterface configuration mode, you must enter the interface configuration mode first and then enter the interface command to specify a subinterface. Examples This example shows how to set encapsulation for VLAN traffic using the 802.1Q protocol for VLAN 100: Router(config-subif)# encapsulation dot1q 100 Router(config-subif)# Related Commands Command Description encapsulation isl Enables ISL. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-128 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA encapsulation isl encapsulation isl To enable ISL, use the encapsulation isl command. encapsulation isl vlan-identifier Syntax Description vlan-identifier Defaults This command has no default settings. Command Modes Subinterface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines VLAN identifier; valid values are from 1 to 4094. ISL is a Cisco protocol that is used for interconnecting multiple switches and routers and for defining VLAN topologies. ISL encapsulation adds a 26-byte header to the beginning of the Ethernet frame. The header contains a 10-bit VLAN identifier that conveys VLAN membership identities between the switches. To enter the subinterface configuration mode, you must enter the interface configuration mode first and then enter the interface command to specify a subinterface. Examples This example shows how to enable ISL on Fast Ethernet subinterface 2/1.20: Router(config-subif)# encapsulation isl 400 Router(config-subif)# Related Commands Command Description bridge-group Assigns each network interface to a bridge group. show bridge vlan Displays virtual LAN subinterfaces. show interfaces Displays the traffic that is seen by a specific interface. show vlans Displays information about the Cisco IOS VLAN subinterfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-129 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA erase erase To erase a file system, use the erase command. erase {const_nvram: | nvram: | startup-config:} Syntax Description const_nvram: Erases all files under the const_nvram: partition. nvram: Erases NVRAM. startup-config: Erases the contents of the configuration memory. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Caution When you use the erase command to erase a file system, you cannot recover the files in the file system. The erase nvram: command replaces the write erase command and the erase startup-config command. You can use the erase command on both Class B and Class C flash file systems only. To reclaim space on flash file systems after deleting files using the delete command, you must use the erase command. The erase command erases all of the files in the flash file system. Class A flash file systems cannot be erased. You can delete individual files using the delete command and then reclaim the space using the squeeze command. You can also use the format command to format the flash file system. On Class C flash file systems, space is dynamically reclaimed when you use the delete command. You can also use either the format or erase command to reinitialize a Class C flash file system. The erase nvram: command erases NVRAM. On Class A file system platforms, if the CONFIG_FILE variable specifies a file in flash memory, the specified file is marked “deleted.” You can enter the erase const_nvram command to erase the VLAN database configuration file. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-130 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA erase Examples This example shows how to erase the NVRAM and the startup configuration in the NVRAM: Router# erase nvram: Router# Related Commands Command Description boot config Specifies the device and filename of the configuration file from which the system configures itself during initialization (startup). delete Deletes a file from a flash memory device or NVRAM. more Displays the startup configuration file contained in NVRAM or specified by nvram:startup-config: the CONFIG-FILE environment variable. show bootvar Displays information about the BOOT environment variable. undelete Recovers a file that is marked “deleted” on a flash file system. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-131 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA errdisable detect cause errdisable detect cause To enable the error-disable detection, use the errdisable detect cause command. To disable the error-disable detection, use the no form of this command. errdisable detect cause {all | dtp-flap | l2ptguard | link-flap | packet-buffer-error | pagp-flap | udld} no errdisable detect cause {all | dtp-flap | l2ptguard | link-flap | pagp-flap | udld} Syntax Description all Specifies error-disable detection for all error-disable causes. dtp-flap Specifies detection for the DTP flap error-disable cause. l2ptguard Specifies detection for the Layer 2 protocol-tunnel error-disable cause. link-flap Specifies detection for the link flap error-disable cause. packet-buffer-error Causes the packet buffer error to error-disable the affected port. pagp-flap Specifies detection for the PAgP flap error-disable cause. udld Specifies detection for the UDLD error-disable cause. Defaults Enabled for all causes. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Entering the no errdisable detect cause packet-buffer-error command allows you to detect the fault that triggers a power cycle of the affected module. A cause (bpduguard, dtp-flap, link-flap, pagp-flap, root-guard, udld) is defined as the reason why the error-disabled state occurred. When a cause is detected on an interface, the interface is placed in an error-disabled state (an operational state that is similiar to the link-down state). You must enter the shutdown and then the no shutdown commands to recover an interface manually from the error-disable state. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-132 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA errdisable detect cause Examples This example shows how to enable the error-disable detection for the Layer 2 protocol-tunnel guard error-disable cause: Router(config)# errdisable detect cause l2ptguard Router(config)# Related Commands Command Description show errdisable detect Displays the error-disable detection status. show interfaces status Displays the interface status or a list of interfaces in an error-disabled state on LAN ports only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-133 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA errdisable recovery errdisable recovery To configure the recovery mechanism variables, use the errdisable recovery command. To return to the default state, use the no form of this command. errdisable recovery cause {all | arp-inspection | bpduguard | channel-misconfig | dhcp-rate-limit | dtp-flap | gbic-invalid | l2ptguard | link-flap | pagp-flap | pesecure-violation | security-violation | udld | unicast-flood} errdisable recovery {interval interval} no errdisable recovery cause {all | {arp-inspection | bpduguard | channel-misconfig | dhcp-rate-limit | dtp-flap | gbic-invalid | l2ptguard | link-flap | pagp-flap | pesecure-violation | security-violation | udld | unicast-flood} no errdisable recovery {interval interval} Syntax Description Defaults cause Enables error-disable recovery to recover from a specific cause. all Enables the recovery timers for all error-disable causes. arp-inspection Enables error-disable recovery to recover from an ARP inspection cause. bpduguard Enables the recovery timer for the BPDU-guard error-disable cause. channel-misconfig Enables the recovery timer for the channel-misconfig error-disable cause. dhcp-rate-limit Enables the recovery timer for the DHCP rate-limit error-disable cause. dtp-flap Enables the recovery timer for the DTP-flap error-disable cause. gbic-invalid Enables the recovery timer for the GBIC invalid error-disable cause. l2ptguard Enables the recovery timer for the Layer 2 protocol-tunnel error-disable cause. link-flap Enables the recovery timer for the link-flap error-disable cause. pagp-flap Enables the recovery timer for the PAgP-flap error-disable cause. pesecure-violation Enables the recovery timer for the pesecure-violation error-disable cause. security-violation Enables the automatic recovery of ports that were disabled due to 802.1X security violations. udld Enables the recovery timer for the UDLD error-disable cause. unicast-flood Enables the recovery timer for the unicast-flood error-disable cause. interval interval Specifies the time to recover from a specified error-disable cause; valid values are from 30 to 86400 seconds. The defaults are as follows: Command Modes • Disabled for all causes. • If enabled, the interval is 300 seconds. Global configuration Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-134 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA errdisable recovery Command History Usage Guidelines Release Modification 12.2(18)ZY Support for this command was introduced. The secure-violation option is not supported. A cause (bpduguard, dhcp-rate-limit, dtp-flap, l2ptguard, link-flap, pagp-flap, security-violation, channel-misconfig, psecure-violation, udld, or unicast-flood) is defined as the reason why the error-disabled state occurred. When a cause is detected on an interface, the interface is placed in an error-disabled state (an operational state that is similiar to the link-down state). If you do not enable errdisable recovery for the cause, the interface stays in the error-disabled state until a shutdown and no shutdown occurs. If you enable recovery for a cause, the interface is brought out of the error-disabled state and allowed to retry operation once all the causes have timed out. You must enter the shutdown and then the no shutdown commands to recover an interface manually from the error-disabled state. Examples This example shows how to enable the recovery timer for the BPDU-guard error-disable cause: Router(config)# errdisable recovery cause bpduguard Router(config)# This example shows how to set the timer to 300 seconds: Router(config)# errdisable recovery interval 300 Router(config)# Related Commands Command Description show errdisable recovery Displays the information about the error-disable recovery timer. show interfaces status Displays the interface status or a list of interfaces in an error-disabled state on LAN ports only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-135 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA error-detection packet-buffer action error-detection packet-buffer action To specify the action that a module takes after packet buffer memory failures, use the error-detection packet-buffer action command. To return to the default settings, use the no form of this command. error-detection packet-buffer action {module num} {error-disable | power-down | reset} Syntax Description module num Specifies the module number. error-disable Error disables the module. power-down Powers down the module. reset Resets the module. Defaults Error-disable port group Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on the following modules only: • WS-X6348-RJ-45 • WS-X6348-RJ-21V • WS-X6248-RJ-45 • WS-X6248-TEL • WS-X6148-RJ-45 • WS-X6148-RJ-21 When you specify the reset keyword, a rapid reboot (approximately 10 seconds) and not a normal reboot (approximately 45 to 50 seconds) is performed. Prior to this release, the module always went through a non-rapid reboot. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-136 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA error-detection packet-buffer action Examples This example shows how to set the module to error disable after packet buffer memory failures: Router(config)# error-detection packet-buffer action module 2 error-disable Router(config)# This example shows how to set the module to power down after packet buffer memory failures: Router(config)# error-detection packet-buffer action module 2 power-down Router(config)# This example shows how to set the module to reset after packet buffer memory failures: Router(config)# error-detection packet-buffer action module 2 reset Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-137 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA file verify auto file verify auto To verify the compressed Cisco IOS image checksum, use the file verify auto command. To turn off automatic verification after a copy operation, use the no form of this command. file verify auto no file verify auto Syntax Description This command has no arguments or keywords. Defaults Verification is done automatically after completion of a copy operation. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Enter the copy /noverify command to override the default behavior for a single copy operation. Examples This example shows how to verify the compressed Cisco IOS image checksum: Router(config)# file verify auto Router(config)# Related Commands Command Description copy /noverify Disables the automatic image verification for the current copy operation. verify Verifies the checksum of a file on a flash memory file system or computes an MD5 signature for a file. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-138 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA flowcontrol flowcontrol To configure a port to send or receive pause frames, use the flowcontrol command. flowcontrol {send | receive} {desired | off | on} Syntax Description Defaults send Specifies that a port sends pause frames. receive Specifies that a port processes pause frames. desired Obtains predictable results regardless of whether a remote port is set to on, off, or desired. off Prevents a local port from receiving and processing pause frames from remote ports or from sending pause frames to remote ports. on Enables a local port to receive and process pause frames from remote ports or send pause frames to remote ports. Flow-control defaults depend upon port speed. The defaults are as follows: • Gigabit Ethernet ports default to off for receive and desired for send. • Fast Ethernet ports default to off for receive and on for send. • On the 24-port 100BASE-FX and 48-port 10/100 BASE-TX RJ-45 modules, the default is off for receive and off for send. • 10-Gigabit Ethernet ports are permanently configured to respond to pause frames, and the default for send is off. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The send and desired keywords are supported on Gigabit Ethernet ports only. Pause frames are special packets that signal a source to stop sending frames for a specific period of time because the buffers are full. Gigabit Ethernet ports on the Catalyst 6500 series switches use flow control to inhibit the transmission of packets to the port for a period of time; other Ethernet ports use flow control to respond to flow-control requests. If a Gigabit Ethernet port receive buffer becomes full, the port transmits a “pause” packet that tells remote ports to delay sending more packets for a specified period of time. All Ethernet ports (1000 Mbps, 100 Mbps, and 10 Mbps) can receive and act upon “pause” packets from other devices. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-139 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA flowcontrol You can configure non-Gigabit Ethernet ports to ignore received pause frames (disable) or to react to them (enable). When used with receive, the on and desired keywords have the same result. All Catalyst 6500 series switch Gigabit Ethernet ports can receive and process pause frames from remote devices. To obtain predictable results, follow these guidelines: Examples • Use send on only when remote ports are set to receive on or receive desired. • Use send off only when remote ports are set to receive off or receive desired. • Use receive on only when remote ports are set to send on or send desired. • Use send off only when remote ports are set to receive off or receive desired. These examples show how to configure the local port to not support any level of flow control by the remote port: Router(config-if)# flowcontrol receive off Router(config-if)# Router(config-if)# flowcontrol send off Router(config-if)# Related Commands Command Description show interfaces flowcontrol Displays flow-control information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-140 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA format format To format a Class A or Class C flash file system, use the format command. Class A flash file system: format bootflash: [spare spare-number] filesystem1: [[filesystem2:][monlib-filename]] Class C flash file system: format filesystem1: Caution Syntax Description Defaults Reserve a certain number of memory sectors as spares, so that if some sectors fail, most of the flash PC card can still be used. Otherwise, you must reformat the flash PC card when some of the sectors fail. spare spare-number (Optional) Specifies the number of the spare sectors to reserve on formatted flash memory; valid values are from 0 to 16. filesystem1: File system to format; valid values are disk0:, bootdisk:, and sup-bootdisk:; see the “Usage Guidelines” section for additional information. filesystem2: (Optional) File system containing the monlib file to use for formatting filesystem1 followed by a colon. monlib-filename (Optional) Name of the ROM monitor library file (monlib file) to use for formatting the filesystem1 argument. The defaults are as follows: • monlib-filename is the one bundled with the system software. • spare-number is zero (0). Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-141 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA format Usage Guidelines Use this command to format Class A or C flash memory file systems. The Supervisor Engine 32 PISA has these flash memory devices: • disk0: – One external CompactFlash Type II slot – Supports CompactFlash Type II Flash PC cards • sup-bootdisk: – Supervisor Engine 32 PISA 256-MB internal CompactFlash flash memory – From the Supervisor Engine 32 PISA ROMMON, it is bootdisk: • bootdisk: – PISA 256-MB internal CompactFlash flash memory – Not accessible from the Supervisor Engine 32 PISA ROMMON In some cases, you might need to insert a new flash PC card and load images or back up configuration files onto it. Before you can use a new flash PC card, you must format it. Sectors in flash PC cards can fail. Reserve certain flash PC sectors as “spares” by using the optional spare argument on the format command to specify between 0 and 16 sectors as spares. If you reserve a small number of spare sectors for emergencies, you can still use most of the flash PC card. If you specify 0 spare sectors and some sectors fail, you must reformat the flash PC card, which erases all existing data. The monlib file is the ROM monitor library. The ROM monitor uses this file to access files in the flash file system. The Cisco IOS system software contains a monlib file. When used with HSA and you do not specify the monlib-filename argument, the system takes the ROM monitor library file from the slave image bundle. If you specify the monlib-filename argument, the system assumes that the files reside on the slave devices. In the command syntax, filesystem1: specifies the device to format, and filesystem2: specifies the optional device containing the monlib file, used to format filesystem1:. If you omit the optional filesystem2: and monlib-filename arguments, the system formats filesystem1:, using the monlib file that is already bundled with the system software. If you omit only the optional filesystem2: argument, the system formats filesystem1:, using the monlib file from the device that you specified with the cd command. If you omit only the optional monlib-filename argument, the system formats filesystem1: using filesystem2:’s monlib file. When you specify both arguments—filesystem2: and monlib-filename—the system formats filesystem1:, using the monlib file from the specified device. You can specify filesystem1:’s own monlib file in this argument. If the system cannot find a monlib file, it terminates its formatting. Examples This example shows how to format a CompactFlash PC card that is inserted in slot 0: Router# format disk0: Running config file on this device, proceed? [confirm]y All sectors will be erased, proceed? [confirm]y Enter volume id (up to 31 characters): Formatting sector 1 (erasing) Format device disk0 completed When the console returns to the EXEC prompt, the new CompactFlash PC card is successfully formatted and ready for use. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-142 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA format Related Commands Command Description cd Changes the default directory or file system. copy Copies any file from a source to a destination. delete Deletes a file from a flash memory device or NVRAM. show file systems Lists available file systems. undelete Recovers a file that is marked as “deleted” on a flash file system. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-143 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA fsck fsck To check a flash file system for damage and to repair any problems, use the fsck command. fsck [/automatic | disk0:] Syntax Description /automatic (Optional) Specifies automatic mode; see the “Usage Guidelines” section for additional information. disk0: (Optional) Specifies the file system to check. Defaults The current file system is checked if disk0: is not specified. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is valid only on Class C flash file systems and on PCMCIA ATA flash disks and CompactFlash disks. If you do not enter any arguments, the current file system is used. Use the pwd command to display the current file system. If you enter the disk0: keyword, the fsck utility checks the selected file system for problems. If a problem is detected, a prompt is displayed asking if you want the problem fixed. If you enter the /automatic keyword, you are prompted to confirm that you want the automatic mode. In automatic mode, problems are fixed automatically and you are not prompted to confirm. Table 2-9 lists the checks and actions that are performed by the fsck utility. Table 2-9 fsck Utility Checks and Actions Checks Actions Checks the boot sector and the partition table and reports No action. the errors. Validates the media with the signature in the last 2 bytes No action. of the first sector (0x55 and 0xaa, respectively). Checks the os_id to find whether this is a FAT-12 or FAT-16 file system (valid values include 0, 1, 4, and 6). No action. Checks the number of FAT’s field (correct values are 1 and 2). No action. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-144 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA fsck Table 2-9 fsck Utility Checks and Actions (continued) Checks Actions Checks these values: No action. • n_fat_sectors cannot be less than 1. • n_root_entries cannot be less than 16. • n_root_sectors cannot be less than 2. • base_fat_sector, n_sectors_per_cluster, n_heads, n_sectors_per_track is not 0. Checks the files and FAT for these errors: Checks the FAT for invalid cluster numbers. If the cluster is a part of a file chain, the cluster is changed to end of file (EOF). If the cluster is not part of a file chain, it is added to the free list and unused cluster chain. Table 2-10 lists valid cluster numbers; numbers other than those listed in Table 2-10 are invalid numbers. Checks the file’s cluster chain for loops. If the loop is broken, the file is truncated at the cluster where the looping occurred. Checks the directories for nonzero size fields. If directories are found with nonzero size fields, the size is reset to zero. Checks for invalid start cluster file numbers. If the start cluster number of a file is invalid, the file is deleted. Checks files for bad or free clusters. If the file contains bad or free clusters, the file is truncated at the last good cluster; an example is the cluster that points to this bad/free cluster. Checks to see if the file’s cluster chain is longer than indicated by the size fields. If the file’s cluster chain is longer than indicated by the size fields, the file size is recalculated and the directory entry is updated. Checks to see if two or more files share the same cluster (crosslinked). If two or more files are crosslinked, you are prompted to accept the repair, and one of the files is truncated. Checks to see if the file’s cluster chain is shorter than is indicated by the size fields. If the file’s cluster chain is shorter than is indicated by the size fields, the file size is recalculated and the directory entry is updated. Checks to see if there are any unused cluster chains. If unused cluster chains are found, new files are created and linked to that file with the name fsck-start cluster. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-145 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA fsck Table 2-10 Valid Cluster Numbers Examples Cluster FAT-12 FAT-16 Next entry in the chain 2-FEF 2-FFEF Last entry in chain FF8-FFF FFF8-FFFF Available cluster 0 0 Bad cluster FF7 FFF7 This example shows how to run a check of the current file system: Router# fsck Checking the boot sector and partition table... Checking FAT, Files and Directories... Files 1) disk0:/FILE3 and 2) disk0:/FILE2 have a common cluster. Press 1/2 to truncate or any other character to ignore[confirm] q Ignoring this error and continuing with the rest of the check... Files 1) disk0:/FILE5 and 2) disk0:/FILE4 have a common cluster. Press 1/2 to truncate or any other character to ignore[confirm] 1 File disk0:/FILE5 truncated. Files 1) disk0:/FILE7 and 2) disk0:/FILE6 have a common cluster. . . . 1) disk0:/FILE15 and 2) disk0:/FILE13 have a common cluster. Press 1/2 to truncate or any other character to ignore[confirm] i Ignoring this error and continuing with the rest of the check... Reclaiming unused space... Created file disk0:/fsck-11 for an unused cluster chain Created file disk0:/fsck-20 for an unused cluster chain Created file disk0:/fsck-30 for an unused cluster chain Created file disk0:/fsck-35 for an unused cluster chain Created file disk0:/fsck-40 for an unused cluster chain Created file disk0:/fsck-46 for an unused cluster chain Created file disk0:/fsck-55 for an unused cluster chain Created file disk0:/fsck-62 for an unused cluster chain Created file disk0:/fsck-90 for an unused cluster chain Updating FAT... fsck of disk0: complete Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-146 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA hold-queue hold-queue To limit the size of the IP output queue on an interface, use the hold-queue command. To return to the default settings, use the no form of this command. hold-queue length {in | out} no hold-queue {in | out} Syntax Description Defaults length Maximum number of packets in the queue; valid values are from 0 to 65535. in Specifies the input queue. out Specifies the output queue. The defaults are as follows: • The input hold-queue limit is 75 packets. • The default output hold-queue limit is 40 packets. • The default is 10 packets for asynchronous interfaces. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is not supported on the OSM. The default limits prevent a malfunctioning interface from consuming an excessive amount of memory. There is no fixed upper limit to a queue size. The default of ten packets allows the Cisco IOS software to queue a number of back-to-back routing updates. The default is for asynchronous interfaces only; other media types have different defaults. The guidelines for hold queues and priority queueing are as follows: • The hold queue stores packets that are received from the network and are waiting to be sent to the client. We recommend that the queue size does not exceed ten packets on asynchronous interfaces. For most other interfaces, the queue length should not exceed 100 packets. • The input hold queue prevents a single interface from flooding the network server with too many input packets. Additional input packets are discarded if the interface has too many outstanding input packets in the system. • If you use priority output queueing, you can set the length of the four output queues using the priority-list global configuration command.You cannot use the hold-queue command to set an output hold-queue length in this situation. • For slow links, use a small output hold-queue limit to prevent storing packets at a rate that exceeds the transmission capability of the link. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-147 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA hold-queue Caution Examples • For fast links, use a large output hold-queue limit. A fast link may be busy for a short time (and require the hold queue) but can empty the output hold queue quickly when capacity returns. • You can display the current hold-queue setting and the number of packets that are discarded because of hold-queue overflows by using the show interfaces command in EXEC mode. Increasing the hold queue can cause negative effects to network routing and response times. If you use protocols that have sequence/acknowledge packets to determine round-trip times, do not increase the output queue. Instead, we recommend that you program the Catalyst 6500 series switch to drop packets and inform the hosts to slow down transmissions to match the available bandwidth. We do not recommend that you make duplicate copies of the same packet within the network. This example sets a small input queue on a slow serial line: Router(config)# interface serial 0 Router(config-if)# hold-queue 30 i Related Commands Command Description priority-list Establishes queueing priorities based on the protocol type. show interfaces Displays the traffic that is seen by a specific interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-148 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA hw-module boot hw-module boot To specify the boot options for the module through the power management bus control register, use the hw-module boot command. hw-module {module num} {boot [value] {config-register | eobc | {flash image} | rom-monitor}} Syntax Description module num Specifies the number of the module to apply the command. value (Optional) Literal value for the module's boot option; valid values are from 0 to 15. See the “Usage Guidelines” section for additional information. config-register Boots using the module’s config-register value. eobc Boots using an image downloaded through EOBC. flash image Specifies the image number in the module’s internal flash memory for the module’s boot option; valid values are 1 and 2. rom-monitor Stays in ROM-monitor mode after the module resets. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on the CMM only. The valid values for the boot value argument are as follows: Examples • 0—Specifies the module’s config-register value. • 1—Specifies the first image in the flash memory. • 2—Specifies the second image in the flash memory. • 3—Stays in ROM-monitor mode after the module reset. • 4—Specifies the download image through EOBC. This example shows how to reload the module in slot 6 using the module’s config-register value: Router# hw-module slot 1/6 boot config-register Router# This example shows how to reload the module in slot 3 using an image downloaded through EOBC: Router# hw-module slot 1/3 boot eobc Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-149 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA hw-module fan-tray version hw-module fan-tray version To set the fan-type (high or low power) version, use the hw-module fan-tray version command. hw-module fan-tray version [1 | 2] Syntax Description 1|2 Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Specifies the version number; see the “Usage Guidelines” section for additional information. Before you install a high-capacity fan tray, enter the hw-module fan-tray version 2 command to check for configuration problems, such as power-supply compatibility and power sufficiency. If there are no problems, a message is displayed to change the fan tray from version 1 to version 2. At this point, you can remove the old fan tray and quickly insert the new high-capacity fan tray. This command is supported on the following chassis: • WS-C6506 • WS-C6509 • WS-C6509-NEB/OSR7609 Set the version to 2 before installing higher power fan trays. Set the version to 1 before downgrading to lower power fan trays. Command confirmation does not change the fan power consumption or cooling capacity. It updates the backplane IDPROM. The new values take effect the next time that you insert a fan. When you execute the command, the software checks the configurations and prompts for confirmation. Any illegal configurations (such as power-supply incompatibility) result in a warning being displayed and a command failure. Examples This example shows how to set the fan type for lower power fan trays: Router # hw-module fan-tray version 1 Router # Related Commands Command Description show environment cooling Displays information about the cooling parameter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-150 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA hw-module oversubscription hw-module oversubscription To administratively disable the oversubscribed ports (3, 4, 7, and 8) on a module, use the hw-module oversubscription command. Use the no form of this command to enable the oversubscribed ports. hw-module {module num} oversubscription no hw-module {module num} oversubscription Syntax Description module num Defaults Enabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Applies the command to a specific module. This command is supported on the WS-X6708-10G-3C and the WS-X6708-10G-3CXL modules only. When you disable the oversubscribed ports, the port is put into shutdown mode. In this mode, you cannot enter the no shut command on the disabled ports. If you attempt to enter the no shut command on the disabled ports, this message appears: The current module is operating in non-oversubscription mode. To utilise this interface, enable oversubscription mode for the module. The num argument designates the module number. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 1 to 13. When you enter the show interfaces command on the disabled ports, the output displays “disabled for performance” to distinguish between the normal port shutdown and the shutdown for performance. Examples This example shows how to administratively disable the oversubscribed ports on a module: Router # hw-module module 3 oversubscription Router # This example shows how to administratively enable the oversubscribed ports on a module: Router # no hw-module module 3 oversubscription Router # Related Commands Command Description show interfaces Displays traffic that is seen by a specific interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-151 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA hw-module reset hw-module reset To reset a module by turning the power off and then on, use the hw-module reset command. hw-module {module num} reset Syntax Description module num Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Applies the command to a specific module; see the “Usage Guidelines” section for valid values. Usage Guidelines The num argument designates the module number. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 1 to 13. Examples This example shows how to reload a specific module: Router # hw-module module 3 reset Router # Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-152 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA hw-module shutdown hw-module shutdown To shut down the module, use the hw-module shutdown command. hw-module {module num} shutdown Syntax Description module num Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Applies the command to a specific module; see the “Usage Guidelines” section for valid values. This command is supported on the SSL Services Module and the NAM. If you enter the hw-module shutdown command to shut down the module, you will have to enter the no power enable module command and the power enable module command to restart (power down and then power up) the module. Examples This example shows how to shut down and restart the module: Router# hw-module module 3 shutdown Router# no power enable module 3 Router# power enable module 3 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-153 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA hw-module simulate link-up hw-module simulate link-up To enable a software link on a specified module, use the hw-module simulate link-up command. For information on disabling a software link, refer to the “Usage Guidelines” section. hw-module {module num} simulate link-up Syntax Description module num Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Applies the command to a specific module; see the “Usage Guidelines” section for valid values. This command is supported on Ethernet modules only. To disable a software link on a module, you must perform one of the following procedures: • Enter the shutdown and then the no shutdown commands on all the ports on the module. • Enter the hw-module reset command. When you apply this command to a module, the port LEDs on the module will glow green and simulate a link-up condition. This command can be used for testing interface configurations without cabling to the interface. The num argument designates the module number. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 1 to 13. Examples This example shows how to enable softlink on a module: Router# hw-module module 3 simulate link-up Router# Related Commands Command Description hw-module reset Resets a module by turning the power off and then on. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-154 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA instance instance To map a VLAN or a set of VLANs to an MST instance, use the instance command. To return the VLANs to the default instance (CIST), use the no form of this command. instance instance-id {vlans vlan-range} no instance instance-id Syntax Description instance-id Instance to which the specified VLANs are mapped; valid values are from 0 to 4094. vlans vlan-range Specifies the number of the VLANs to be mapped to the specified instance; valid values are from 1 to 4094. Defaults No VLANs are mapped to any MST instance (all VLANs are mapped to the CIST instance). Command Modes MST configuration submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The vlans vlan-range is entered as a single value or a range. The mapping is incremental, not absolute. When you enter a range of VLANs, this range is added or removed to the existing instances. Any unmapped VLAN is mapped to the CIST instance. You can configure up to 65 interfaces Examples This example shows how to map a range of VLANs to instance 2: Router(config-mst)# instance 2 vlans 1-100 Router(config-mst)# This example shows how to map a VLAN to instance 5: Router(config-mst)# instance 5 vlans 1100 Router(config-mst)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-155 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA instance This example shows how to move a range of VLANs from instance 2 to the CIST instance: Router(config-mst)# no instance 2 vlans 40-60 Router(config-mst)# This example shows how to move all the VLANs that are mapped to instance 2 back to the CIST instance: Router(config-mst)# no instance 2 Router(config-mst)# Related Commands Command Description name (MST configuration submode) Sets the name of an MST region. revision Sets the revision number for the MST configuration. show Verifies the MST configuration. show spanning-tree mst Displays the information about the MST protocol. spanning-tree mst configuration Enters MST-configuration submode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-156 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA interface interface To select an interface to configure and enter interface configuration mode, use the interface command. interface {type module} [.subinterface] Syntax Description type Type of interface to be configured; see Table 2-11 for valid values. module Module and port number or port-subinterface number; see the “Usage Guidelines” section for additional information. .subinterface (Optional) Subinterface number to be configured; valid values are from 0 to 4294967295. Defaults No interface types are configured. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Table 2-11 lists the valid values for type. Table 2-11 Valid type Values Keyword Definition fastethernet 100-Mbps Ethernet interface. gigabitethernet Gigabit Ethernet IEEE 802.3z interface. tengigabitethernet 10-Gigabit Ethernet IEEE 802.3ae interface. ge-wan Gigabit Ethernet WAN IEEE 802.3z interface. pos Packet OC-3 interface on the Packet over SONET Interface Processor. atm ATM interface. vlan VLAN interface; see the interface vlan command. port-channel Port channel interface; see the interface port-channel command. null Null interface; the valid value is 0. tunnel Tunnel interface. By default, the Supervisor Engine 32 PISA EtherChannel (port channel interface 256, which is automatically configured with the pisa-channel command) is a 1-Gps EtherChannel. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-157 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA interface Note The pisa-channel command is visible in the configuration file, but it is not user configurable. You can enter the number of a port subinterface in the following format: interface {{type module/port.subinterface}} The Supervisor Engine 32 PISA ports are as follows: • Supervisor Engine 32 PISA Management Ports—The console port for the Supervisor Engine 32 PISA port is an EIA/TIA-232 (RS-232) port. The Supervisor Engine 32 PISA also has two Universal Serial Bus (USB) 2.0 ports that currently are not enabled. • Supervisor Engine 32 PISA Data Ports for the WS-S32-10GE-PISA has the following ports: – Ports 1 and 2: XENPAK 10 Gigabit Ethernet – Port 3: 10/100/1000 Mbps RJ-45 Note • You can disable Port 3 and reallocate its port ASIC capacity to the PISA EtherChannel (see the “Configuring Full PISA EtherChannel Bandwidth” section in the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY}. Supervisor Engine 32 PISA Data Ports for the WS-S32-GE-PISA has these ports: – Ports 1 through 8: Small form-factor pluggable (SFP) Gigabit Ethernet – Port 9: 10/100/1000 Mbps RJ-45 port Note Note You can disable port 9 and reallocate its port ASIC capacity to the PISA EtherChannel (see the “Configuring Full PISA EtherChannel Bandwidth” section in the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY). After the port becomes a member of the PISA EtherChannel, only the no channel-group 256 mode on command has any effect on the port until the port is no longer a member of the PISA EtherChannel. While the port is a member of the PISA EtherChannel, all port configuration commands except the no channel-group 256 mode on command are ignored. On a WS-S32-GE-PISA, you can allocate both ports 8 and 9 to the PISA EtherChannel. You cannot enter any configuration under port channel interface 256. The PISA EtherChannel MTU size is 4,096 bytes. Examples This example shows how to allocate the port ASIC capacity of port 3 to the PISA EtherChannel on a WS-S32-10GE-PISA that is installed in slot 5: Router(config)# interface gigabitethernet 5/3 Router(config-if)# channel-group 256 mode on Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-158 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA interface This example shows how to allocate the port ASIC capacity of port 9 to the PISA EtherChannel on a WS-S32-GE-PISA that is installed in slot 5: Router(config)# interface gigabitethernet 5/9 Router(config-if)# channel-group 256 mode on Router(config-if)# This example shows how to revert to the default port ASIC capacity allocation. Router(config)# interface gigabitethernet 5/9 Router(config-if)# no channel-group 256 mode on Router(config-if)# Related Commands Command Description show interfaces Displays the traffic that is seen by a specific interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-159 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA interface port-channel interface port-channel To create a port-channel virtual interface and enter interface configuration mode, use the interface port-channel command. To remove a virtual interface or subinterface, use the no form of this command. interface port-channel channel-number[.subinterface] no interface port-channel channel-number[.subinterface] Syntax Description channel-number Channel number assigned to this port-channel interface; valid values are from 1 to 256. .subinterface (Optional) Subinterface number to be configured; valid values are from 0 to 4294967295. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is not supported on the IDSM and NAM. This command is supported on EtherChannel, Fast EtherChannel, Gigabit EtherChannel, and 10-Gigabit EtherChannel interfaces. The channel-number argument can be from 1 to 256, with a maximum of 128 port-channel interfaces. You can create Layer 2 port channels dynamically or by entering the interface port-channel command; you can create Layer 3 port channels by entering the interface port-channel command only. You cannot create Layer 3 port channels dynamically. Only one port channel in a channel group is allowed. Ports can be bundled across any module. Caution The Layer 3 port-channel interface is the routed interface. Do not enable Layer 3 addresses on the physical Fast Ethernet interfaces. When you use the interface port-channel command, follow these guidelines: • If you configure ISL, you must assign the IP address to the SVI. • If you want to use CDP, you must configure it only on the physical Fast Ethernet interface and not on the port-channel interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-160 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA interface port-channel • Examples If you do not assign a static MAC address on the port-channel interface, a MAC address is automatically assigned. If you assign a static MAC address and then later remove it, the MAC address is automatically assigned. This example shows how to create a port-channel interface with a channel-group number of 256: Router(config)# interface port-channel 256 Creating a switch port Po256. channel-group 256 is L2 Router(config-if)# Note Related Commands The port-channel interface counters that are shown by the show counters interface port-channel and show interface port-channel counters commands are not supported for channel groups that are using GE-WAN interfaces for QinQ link bundling. The show interface port-channel {number | number.subif} command (without the counters keyword) is supported, however. Command Description channel-group Assigns and configures an EtherChannel interface to an EtherChannel group. show etherchannel Displays the EtherChannel information for a channel. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-161 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA interface range interface range To execute a command on multiple ports at the same time, use the interface range command. interface range {port-range | {macro name}} Syntax Description port-range Port range; for a list of valid values for port-range, see the “Usage Guidelines” section for additional information. macro name Specifies the macro name. Defaults This command has no default settings. Command Modes Global or interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The values that you entered with the interface range vlan command are applied to all existing VLAN SVIs. Before you can use a macro, you must define a range using the define interface-range command. All configuration changes that are made to a port range are saved to NVRAM, but port ranges that are created with the interface range command are not saved to NVRAM. You can enter the port range in two ways: • Specifying up to five port ranges • Specifying a previously defined macro You can either specify the ports or the name of a port-range macro. A port range must consist of the same port type, and the ports within a range cannot span slots. You can define up to five port ranges on a single command with each range separated by a comma. You can enter the range with or without white spaces. For example, you can enter the range as gigabitethernet 7/1 -7 or gigabitethernet 7/1-7. When you enter a range of VLANs, any SVIs that do not exist within that range are created. When entering the port-range, use this format: card-type {slot}/{first-port} - {last-port}. Valid values for card-type are as follows: • ethernet • fastethernet • gigabitethernet • loopback Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-162 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA interface range • tengigabitethernet • tunnel • ge-wan • pos • atm • vlan vlan-id (valid values are from 1 to 4094) • port-channel interface-number (valid values are from 1 to 256) You cannot specify both a macro and an interface range in the same command. After creating a macro, the CLI does not allow you to enter additional ranges. If you have already entered an interface range, the CLI does not allow you to enter a macro. In addition, you can specify a single interface in port-range. Examples This example shows how to execute a command on two port ranges: Router(config)# interface range fastethernet 5/18 -20, ethernet 3/1 -24 Router(config-if-range)# This command shows how to execute a port-range macro: Router(config)# interface range macro macro1 Router(config-if-range)# Related Commands Command Description define interface-range Creates an interface-range macro. show running-config Displays the status and configuration of the module or Layer 2 VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-163 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA interface vlan interface vlan To create or access a dynamic SVI, use the interface vlan command. To delete an SVI, use the no form of this command. interface vlan vlan-id no interface vlan vlan-id Syntax Description vlan-id Defaults Fast EtherChannel is not specified. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Number of the VLAN; valid values are from 1 to 4094. SVIs are created the first time that you enter the interface vlan vlan-id command for a particular VLAN. The vlan-id value corresponds to the VLAN tag that is associated with the data frames on an ISL, the 802.1Q-encapsulated trunk, or the VLAN ID that is configured for an access port. A message displays whenever you create a new VLAN interface, so that you can check if you entered the correct VLAN number. If you delete an SVI by entering the no interface vlan vlan-id command, the associated IDB pair is forced into an administrative down state and is marked as deleted. The deleted interface will not be visible in the show interface command. You can reinstate a deleted SVI by entering the interface vlan vlan-id command for the deleted interface. The interface comes back up, but much of the previous configuration is gone. VLANs 1006 to 1014 are internal VLANs on the Catalyst 6500 series switch and cannot be used for creating new VLANs. Examples This example shows the output when you enter the interface vlan vlan-id command for a new VLAN number: Router(config)# interface vlan 23 % Creating new VLAN interface. Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-164 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA inter-packet gap 6502-mode inter-packet gap 6502-mode To set the IPG value, use the inter-packet gap 6502-mode command. To return to the default settings, use the no form of this command. inter-packet gap 6502-mode no inter-packet gap 6502-mode Syntax Description This command has no keywords or arguments. Defaults All fragments from flows that are received from an ACE with Layer 4 ports and permit action are permitted. All other fragments are dropped in the hardware. This action also applies to flows that are handled in the software regardless of this command setting. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on situations where a WS-X6704-10GE is connected to a WS-X6502-10GE only. You enter this command to change the IPG value of the WS-X6704-10GE to match the WS-X6502-10GE. The default 6704 mode sets the IPG value to average 12. Based on packet size, the IPG between successive packets range from 9 to 15. The 6502 mode sets the IPG value to average 16. Based on packet size, the IPG between successive packets range from 13 to 19. Examples This example shows how to set the IPG to 6502 mode: Router(config-if)# inter-packet gap 6502-mode Router(config-if)# This example shows how to set the IPG to the default mode: Router(config-if)# no inter-packet gap 6502-mode Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-165 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip access-list hardware permit fragments ip access-list hardware permit fragments To permit all noninitial fragments in the hardware, use the ip access-list hardware permit fragments command. To return to the default settings, use the no form of this command. ip access-list hardware permit fragments no ip access-list hardware permit fragments Syntax Description This command has no keywords or arguments. Defaults All fragments from flows that are received from an ACE with Layer 4 ports and permit action are permitted. All other fragments are dropped in the hardware. This action also applies to flows that are handled in the software regardless of this command setting. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Flow fragments that match ACEs with Layer 4 ports and permit results are permitted in the hardware, and all other fragments are dropped. An entry is added in the TCAM for each ACE with Layer 4 ports and permit action. This action could cause large ACLs to not fit in the TCAM. If this situation occurs, use the ip access-list hardware permit fragments command to permit all noninitial fragments in the hardware. This command affects all ACLs that are currently applied to interfaces and not only newly-applied ACLs. The initial flow fragments that match the ACEs with Layer 4 ports and permit results are permitted in the hardware. All other initial fragments are dropped in the hardware. Examples This example shows how to permit all noninitial fragments in the hardware: Router(config)# ip access-list hardware permit fragments Router(config)# This example shows how to return to the default settings: Router(config)# no ip access-list hardware permit fragments Router(config)# Related Commands Command Description show ip interface Displays the usability status of interfaces that are configured for IP. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-166 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection filter vlan ip arp inspection filter vlan To permit ARPs from hosts that are configured for static IP when DAI is enabled and to define an ARP access list and apply it to a VLAN, use the ip arp inspection filter vlan command. To disable this application, use the no form of this command. ip arp inspection filter arp-acl-name {vlan vlan-range} [static] no ip arp inspection filter arp-acl-name {vlan vlan-range} [static] Syntax Description arp-acl-name Access control list name. vlan-range VLAN number or range; valid values are from 1 to 4094. static (Optional) Treats implicit denies in the ARP ACL as explicit denies and drops packets that do not match any previous clauses in the ACL. Defaults No defined ARP ACLs are applied to any VLAN. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines For vlan-range, you can specify the VLAN to which the switches and hosts belong. You can specify a single VLAN identified by a VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by a comma. When an ARP access control list is applied to a VLAN for dynamic ARP inspection, the ARP packets containing only the IP-to-Ethernet MAC bindings are compared against the ACLs. All other packet types are bridged in the incoming VLAN without validation. This command specifies that the incoming ARP packets are compared against the ARP access control list, and the packets are permitted only if the access control list permits them. If the access control lists deny the packets because of explicit denies, the packets are dropped. If the packets are denied because of an implicit deny, they are then matched against the list of DHCP bindings if the ACL is not applied statically. If you do not specify the static keyword, it means that there is no explicit deny in the ACL that denies the packet, and DHCP bindings determine whether a packet is permitted or denied if the packet does not match any clauses in the ACL. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-167 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection filter vlan Examples This example shows how to apply the ARP ACL static hosts to VLAN 1 for DAI: Switch# config terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# ip arp inspection filter static-hosts vlan 1 Router(config)# Related Commands Command Description arp access-list Configures an ARP ACL for ARP inspection and QoS filtering and enters the ARP ACL configuration submode. show ip arp inspection Displays the status of DAI for a specific range of VLANs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-168 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection limit ip arp inspection limit To limit the rate of incoming ARP requests and responses on an interface and prevent DAI from consuming all of the system’s resources in the event of a DoS attack, use the ip arp inspection limit command. To return to the default settings, use the no form of this command. ip arp inspection limit {rate pps [{burstintervalseconds}]} |none no ip arp inspection limit Syntax Description Defaults rate pps Specifies the upper limit on the number of incoming packets processed per second; valid values are from 1 to 2048 pps. burst interval seconds (Optional) Specifies the consecutive interval in seconds over which the interface is monitored for the high rate of the ARP packets; valid values are from 1 to 15 seconds. none Specifies that there is no upper limit on the rate of the incoming ARP packets that can be processed. The default settings are as follows: • The rate pps is set to 15 packets per second on the untrusted interfaces, assuming that the network is a switched network with a host connecting to as many as 15 new hosts per second. • The rate is unlimited on all the trusted interfaces. • The burst interval seconds is set to 1 second. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You should configure the trunk ports with higher rates to reflect their aggregation. When the rate of the incoming packets exceeds the user-configured rate, the interface is placed into an error-disabled state. You can use the error-disable timeout feature to remove the port from the error-disabled state. The rate applies to both the trusted and nontrusted interfaces. Configure appropriate rates on trunks to handle the packets across multiple DAI-enabled VLANs, or use the none keyword to make the rate unlimited. The rate of the incoming ARP packets on the channel ports is equal to the sum of the incoming rate of packets from all the channel members. Configure the rate limit for the channel ports only after examining the rate of the incoming ARP packets on the channel members. After a switch receives more than the configured rate of packets every second consecutively over a period of burst seconds, the interface is placed into an error-disabled state. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-169 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection limit Examples This example shows how to limit the rate of the incoming ARP requests to 25 packets per second: Router# config terminal Router(config)# interface fa6/3 Router(config-if)# ip arp inspection limit rate 25 Router(config-if)# This example shows how to limit the rate of the incoming ARP requests to 20 packets per second and to set the interface monitoring interval to 5 consecutive seconds: Router# config terminal Router(config)# interface fa6/1 Router(config-if)# ip arp inspection limit rate 20 burst interval 5 Router(config-if)# Related Commands Command Description show ip arp inspection Displays the status of DAI for a specific range of VLANs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-170 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection log-buffer ip arp inspection log-buffer To configure the parameters that are associated with the logging buffer, use the ip arp inspection log-buffer command. To disable the parameters, use the no form of this command. ip arp inspection log-buffer {{entries number} | {logs number} {interval seconds}} no ip arp inspection log-buffer {entries | logs} Syntax Description Defaults entries number Specifies the number of entries from the logging buffer; valid values are from 0 to 1024. logs number Specifies the number of entries to be logged in an interval; valid values are from 0 to 1024. interval seconds Specifies the logging rate; valid values are from 0 to 86400 (1 day). The default settings are as follows: • When dynamic ARP inspection is enabled, denied, or dropped, the ARP packets are logged. • The entries number is 32. • The logs number is 5 per second. • The interval seconds is 1 second. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines A 0 value for the logs number indicates that the entries should not be logged out of this buffer. A 0 value for the interval seconds keyword and argument indicates an immediate log. You cannot enter a 0 for both the logs number and the interval seconds keywords and arguments. The first dropped packet of a given flow is logged immediately. The subsequent packets for the same flow are registered but are not logged immediately. Registration for these packets occurs in a log buffer that is shared by all the VLANs. Entries from this buffer are logged on a rate-controlled basis. Examples This example shows how to configure the logging buffer to hold up to 45 entries: Router# config terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# ip arp inspection log-buffer entries 45 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-171 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection log-buffer This example shows how to configure the logging rate for 10 logs per 3 seconds: Router(config)# ip arp inspection log-buffer logs 10 interval 3 Router(config)# Related Commands Command Description arp access-list Configures an ARP ACL for ARP inspection and QoS filtering and enters the ARP ACL configuration submode. clear ip arp inspection Clears the status of the log buffer. log show ip arp inspection Shows the status of the log buffer. log Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-172 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection trust ip arp inspection trust To set a per-port configurable trust state that determines the set of interfaces where incoming ARP packets are inspected, use the ip arp inspection trust command. To make the interfaces untrusted, use the no form of this command. ip arp inspection trust no ip arp inspection trust Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to configure an interface to be trusted: Router# config terminal Router(config)# interface fastEthernet 6/3 Router(config-if)# ip arp inspection trust Router(config-if)# Related Commands Command Description show ip arp inspection Displays the status of DAI for a specific range of VLANs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-173 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection validate ip arp inspection validate To perform specific checks for an ARP inspection, use the ip arp inspection validate command. To disable ARP inspection checks, use the no form of this command. ip arp inspection validate [src-mac] [dst-mac] [ip] no ip arp inspection validate [src-mac] [dst-mac] [ip] Syntax Description src-mac (Optional) Checks the source MAC address in the Ethernet header against the sender’s MAC address in the ARP body. dst-mac (Optional) Checks the destination MAC address in the Ethernet header against the target MAC address in the ARP body. ip (Optional) Checks the ARP body for invalid and unexpected IP addresses. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The sender IP addresses are checked in all ARP requests and responses, and target IP addresses are checked only in ARP responses. Addresses include 0.0.0.0, 255.255.255.255, and all IP multicast addresses. The src-mac checks are issued against both ARP requests and responses. The dst-mac checks are issued for ARP responses. Note When enabled, packets with different MAC addresses are classified as invalid and are dropped. When enabling the checks, specify at least one of the keywords (src-mac, dst-mac, and ip) on the command line. Each command overrides the configuration of the previous command. If a command enables src and dst mac validations, and a second command enables IP validation only, the src and dst mac validations are disabled as a result of the second command. The no form of this command disables only the specified checks. If no check options are enabled, all the checks are disabled. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-174 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection validate Examples This example shows how to enable the source MAC validation: Router(config)# ip arp inspection validate src-mac Router(config)# Related Commands Command Description arp access-list Configures an ARP ACL for ARP inspection and QoS filtering and enters the ARP ACL configuration submode. show ip arp inspection Displays the status of DAI for a specific range of VLANs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-175 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection vlan ip arp inspection vlan To enable DAI on a per-VLAN basis, use the ip arp inspection vlan command. To disable DAI, use the no form of this command. ip arp inspection vlan vlan-range no ip arp inspection vlan vlan-range Syntax Description vlan-range Defaults ARP inspection is disabled on all VLANs. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines VLAN number or range; valid values are from 1 to 4094. For vlan-range, you can specify a single VLAN identified by a VLAN ID number, a range of VLANs separated by a hyphen, or a series of VLANs separated by a comma. You must specify on which VLANs to enable DAI. DAI may not function on the configured VLANs if the VLAN has not been created or is a private VLAN. Examples This example shows how to enable DAI on VLAN 1: Router(config)# ip arp inspection vlan 1 Router(config)# Related Commands Command Description arp access-list Configures an ARP ACL for ARP inspection and QoS filtering and enters the ARP ACL configuration submode. show ip arp inspection Displays the status of DAI for a specific range of VLANs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-176 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection vlan logging ip arp inspection vlan logging To control the type of packets that are logged, use the ip arp inspection vlan logging command. To disable this logging control, use the no form of this command. ip arp inspection vlan vlan-range logging {acl-match {matchlog | none} | dhcp-bindings {permit | all | none}} no ip arp inspection vlan vlan-range logging {acl-match | dhcp-bindings} Syntax Description vlan-range Number of the VLANs to be mapped to the specified instance. The number is entered as a single value or a range; valid values are from 1 to 4094. acl-match Specifies the logging criteria for packets that are dropped or permitted based on ACL matches. matchlog Specifies that logging of packets matched against ACLs is controlled by the matchlog keyword in the permit and deny access control entries of the ACL. none Specifies that ACL-matched packets are not logged. dhcp-bindings Specifies the logging criteria for packets dropped or permitted based on matches against the DHCP bindings. permit Specifies logging when permitted by DHCP bindings. all Specifies logging when permitted or denied by DHCP bindings. none Prevents all logging of packets permitted or denied by DHCP bindings. Defaults All denied or dropped packets are logged. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines By default, the matchlog keyword is not available on the ACEs. When you enter the matchlog keyword, denied packets are not logged. Packets are logged only when they match against an ACE that has the matchlog keyword. The acl-match and dhcp-bindings keywords merge with each other. When you set an ACL match configuration, the DHCP bindings configuration is not disabled. You can use the no form of this command to reset some of the logging criteria to their defaults. If you do not specify either option, all the logging types are reset to log on when the ARP packets are denied. The two options that are available are as follows: • acl-match—Logging on ACL matches is reset to log on deny • dhcp-bindings—Logging on DHCP bindings is reset to log on deny Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-177 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip arp inspection vlan logging Examples This example shows how to configure an ARP inspection on VLAN 1 to add packets to a log that matches the ACLs: Router# config terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# ip arp inspection vlan 1 logging acl-match matchlog Router(config)# Related Commands Command Description arp access-list Configures an ARP ACL for ARP inspection and QoS filtering and enters the ARP ACL configuration submode. show ip arp inspection Displays the status of DAI for a specific range of VLANs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-178 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip auth-proxy max-login-attempts ip auth-proxy max-login-attempts To limit the number of login attempts at a firewall interface, use the ip auth-proxy max-login-attempts command. To return to the default settings, use the no form of this command. ip auth-proxy max-login-attempts 1-maxint no ip auth-proxy max-login-attempts Syntax Description 1-maxint Defaults 1-maxint is 5. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Maximum number of login attempts: valid values are from 1 to 2147483647 attempts. This command is supported on the firewall interfaces only. The maximum login attempt functionality is independent of the watch-list feature. If you do not configure a watch list (using the ip access-list hardware permit fragments command) and you configure a maximum login attempt, the existing authentication proxy behavior occurs but displays the new number for retries. If you configure a watch list, the IP address is put in the watch list, once the configured number of attempts has been reached. Examples This example shows how to set a limit to the number of login attempts at a firewall interface: Router(config-if)# ip auth-proxy max-login-attempts 4 Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-179 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip auth-proxy max-login-attempts Related Commands Command Description clear ip auth-proxy watch-list Deletes a single watch-list entry or all watch-list entries. ip auth-proxy watch-list Enables and configures an authentication proxy watch list. show ip auth-proxy watch-list Displays the information about the authentication proxy watch list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-180 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip auth-proxy watch-list ip auth-proxy watch-list To enable and configure an authentication proxy watch list, use the ip auth-proxy watch-list command. See the “Usage Guidelines” section for the no form of this command usage. ip auth-proxy watch-list {{add-item ip-addr} | enable | {expiry-time minutes}} no ip auth-proxy watch-list [{add-item ip-addr} | expiry-time] Syntax Description Defaults add-item ip-addr Adds an IP address to the watch list. enable Enables a watch list. expiry-time minutes Specifies the duration of time that an entry is in the watch list; see the “Usage Guidelines” section for valid values. The defaults are as follows: • minutes is 30 minutes. • The watch-list functionality is disabled. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The valid values for minutes are from 0 to the largest 32-bit positive number (0x7FFFFFFF or 2147483647 in decimal). Setting the minutes to 0 (zero) places the entries in the list permanently. This command is supported on the firewall interfaces only. Use the no form of this command to do the following: • no ip auth-proxy watch-list—Disables the watch-list functionality. • no ip auth-proxy watch-list add-item ip-addr—Removes the IP address from the watch list. • no ip auth-proxy watch-list expiry-time—Returns to the default setting. A watch list consists of IP addresses that have opened TCP connections to port 80 and have not sent any data. No new connections are accepted from this type of IP address (to port 80) and the packet is dropped. An entry remains in the watch list for the time that is specified by expiry-time minutes. When you disable a watch list, no new entries are put into the watch list, but the sessions are put in SERVICE_DENIED state. The timer deletes sessions after 2 minutes. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-181 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip auth-proxy watch-list Examples This example shows how to enable an authentication proxy watch list: Router(config-if)# ip auth-proxy watch-list enable Router(config-if)# This example shows how to disable an authentication proxy watch list: Router(config-if)# no ip auth-proxy watch-list Router(config-if)# This example shows how to add an IP address to a watch list: Router(config-if)# ip auth-proxy watch-list add-item 12.0.0.2 Router(config-if)# This example shows how to set the duration of time that an entry is in a watch list: Router(config-if)# ip auth-proxy watch-list expiry-time 29 Router(config-if)# Related Commands Command Description clear ip auth-proxy watch-list Deletes a single watch-list entry or all watch-list entries. ip auth-proxy max-login-attempts Limits the number of login attempts at a firewall interface. show ip auth-proxy watch-list Displays the information about the authentication proxy watch list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-182 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip casa ip casa To configure the router to function as a forwarding agent, use the ip casa command. To disable the forwarding agent, use the no form of this command. ip casa [control-address igmp-address [udp-limit]] no ip casa Syntax Description control-address (Optional) IP address of the forwarding agent side of the services manager and forwarding agent tunnel used for sending signals. igmp-address IGMP address on which the forwarding agent will listen for wildcard and fixed affinities. udp-limit (Optional) Maximum UDP queue length; valid values are from 50 to 65535. Defaults The default udp-limit value is 256. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If more than the maximum udp-limit value arrives in a burst, the CASA wildcard updates from the service manager might get dropped. The control-address value is unique for each forwarding agent. Examples This example shows how to specify the IP address (10.10.4.1) and IGMP address (224.0.1.2) for the forwarding agent and set the UDP queue length to 300: Router(config)# ip-casa 10.10.4.1 224.0.1.2 300 Router(config)# Related Commands Command Description forwarding-agent Specifies the port on which the forwarding agent listens for the wildcard and the fixed affinities. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-183 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip cef load-sharing algorithm ip cef load-sharing algorithm To select a CEF load-balancing algorithm, use the ip cef load-sharing algorithm command. To return to the default universal load-balancing algorithm, use the no form of this command. ip cef load-sharing algorithm {original | tunnel [id] | universal [id]} no ip cef load-sharing algorithm {original | tunnel [id] | universal [id]} Syntax Description original Sets the load-balancing algorithm to the original based on a source and destination hash. tunnel Sets the load-balancing algorithm for use in tunnel environments or in environments where there are only a few IP source and destination address pairs. universal Sets the load-balancing algorithm to the universal algorithm that uses a source, destination, and ID hash. id (Optional) Fixed identifier. Defaults The universal load-balancing is selected. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The original CEF load-sharing algorithm produced distortions in load-balancing across multiple routers due to the use of the same algorithm on every router. When the load-balancing algorithm is set to universal mode, each router on the network can make a different load-balancing decision for each source-destination address pair which resolves load-balancing distortions. Use the tunnel algorithm to share the load more fairly when only a few source-destination pairs are involved. Examples This example shows how to enable the CEF load-balancing algorithm for universal environments: Router(config)# ip cef load-sharing algorithm universal 1 Router(config)# Related Commands Command Description ip load-sharing Enables load balancing. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-184 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip cef table consistency-check ip cef table consistency-check To enable the CEF-table consistency-checker types and parameters, use the ip cef table consistency-check command. To disable consistency checkers, use the no form of this command. ip cef table consistency-check [type {lc-detect | scan-lc | scan-rib | scan-rp}] [count count-number] [period seconds] ip cef table consistency-check [settle-time seconds] no ip cef table consistency-check [type {lc-detect | scan-lc | scan-rib | scan-rp}] [count count-number] [period seconds] no ip cef table consistency-check [settle-time seconds] Syntax Description type (Optional) Specifies the type of consistency check to configure. lc-detect (Optional) Specifies that the module detects a missing prefix. scan-lc (Optional) Specifies a passive scan check of tables on the module. scan-rib (Optional) Specifies a passive scan check of tables on the rendezvous point against RIB. scan-rp (Optional) Specifies a passive scan check of tables on the rendezvous point. count count-number (Optional) Specifies the maximum number of prefixes to check per scan; valid values are from 1 to 225. period seconds (Optional) Specifies the period between scans; valid values are from 30 to 3600 seconds. settle-time seconds (Optional) Specifies the time that elapsed during which updates for a candidate prefix are ignored as inconsistencies; valid values are from 1 to 3600 seconds. Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-185 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip cef table consistency-check Usage Guidelines This command configures CEF-table consistency checkers and parameters for the detection mechanism types that are listed in Table 2-12. Table 2-12 Detection Mechanism Types Examples Mechanism Operates On Description Lc-detect Module Operates on the module by retrieving IP prefixes found missing from its FIB table. If IP prefixes are missing, the module cannot forward packets for these addresses. Lc-detect sends IP prefixes to the rendezvous point for confirmation. If the rendezvous point detects that it has the relevant entry, an inconsistency is detected and a system message is displayed. Also, the rendezvous point sends a signal back to the module confirming that the IP prefix is an inconsistency. Scan-lc Module Operates on the module by looking through the FIB table for a configurable time period and sending the next n prefixes to the rendezvous point. The rendezvous point does an exact lookup. If it finds the prefix missing, the rendezvous point reports an inconsistency. Finally, the rendezvous point sends a signal back to the module for confirmation. Scan-rp Route Processor Operates on the rendezvous point (opposite of the scan-lc) by looking through the FIB table for a configurable time period and sending the next n prefixes to the module. The module does an exact lookup. If it finds the prefix missing, the module reports an inconsistency and finally signals the rendezvous point for confirmation. Scan-rib Route Processor Operates on all RPs (even nondistributed) and scans the RIB to ensure that prefix entries are present in the rendezvous point FIB table. This example shows how to enable the CEF-table consistency checkers: Router(config)# ip cef table consistency-check Router(config)# Related Commands Command Description clear ip cef inconsistency Clears the statistics and records for the CEF-consistency checker. show ip cef inconsistency Displays the IP CEF inconsistencies. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-186 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp relay information option trust-all ip dhcp relay information option trust-all To enable all the interfaces as trusted sources of the DHCP relay-agent information option, use the ip dhcp relay information option trust-all command. To return to the default settings, use the no form of this command. ip dhcp relay information option trust-all no ip dhcp relay information option trust-all Syntax Description This command has no arguments or keywords. Defaults The DHCP server does not insert relay information. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is used by cable access router termination systems. This functionality enables a DHCP server to identify the user (cable access router) sending the request and initiate appropriate action that is based on this information. Examples This example shows how to specify that all interfaces on the router are trusted: Router(config)# ip dhcp relay information option trust-all Router(config)# Related Commands Command Description show ip dhcp relay information trusted-sources Lists all the configured trusted interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-187 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp relay information trust ip dhcp relay information trust To enable an interface as a trusted source of the DHCP relay-agent information, use the ip dhcp relay information trust command. To return to the default settings, use the no form of this command. ip dhcp relay information trust no ip dhcp relay information trust Syntax Description This command has no arguments or keywords. Defaults All interfaces on the router are untrusted. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Configuring an interface as a trusted source of relay-agent information allows the interface to receive DHCP discover or request packets. DHCP discover or request packets contain the relay-agent information option. Examples This example shows how to specify that the interface is trusted: Router(config)# ip dhcp relay information trust Router(config)# Related Commands Command Description show ip dhcp relay information trusted-sources Lists all the configured trusted interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-188 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp route connected ip dhcp route connected To specify routes as connected routes, use the ip dhcp route connected command. To return to the default settings, use the no form of this command. ip dhcp route connected no ip dhcp route connected Syntax Description This command has no arguments or keywords. Defaults All interfaces on the router are untrusted. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you enable the ip dhcp route connected command, DHCP downloads the route database from a database agent and adds the routes as connected routes, even though they may have been added as static routes previously. Examples This example shows how to specify routes as connected routes: Router(config)# ip dhcp route connected Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-189 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping ip dhcp snooping To globally enable DHCP snooping, use the ip dhcp snooping command. To disable DHCP snooping, use the no form of this command. ip dhcp snooping no ip dhcp snooping Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Wireless clients, or mobile nodes, gain access to an untrusted wireless network only if there is a corresponding entry in the DHCP snooping database. Enable DHCP snooping globally by entering the ip dhcp snooping command, and enable DHCP snooping on the tunnel interface by entering the ip dhcp snooping packets command. After you enable DHCP snooping, the process snoops DHCP packets to and from the mobile nodes and populates the DHCP snooping database. Examples This example shows how to enable DHCP snooping: Router(config) # ip dhcp snooping Router(config) # This example shows how to disable DHCP snooping: Router(config) # no ip dhcp snooping Router(config) # Related Commands Command Description ip dhcp snooping packets Enables DHCP snooping on the tunnel interface. show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the DHCP snooping binding entries. binding show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-190 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping binding ip dhcp snooping binding To set up and generate a DHCP binding configuration to restore bindings across reboots, use the ip dhcp snooping binding command. To disable the binding configuration, use the no form of this command. ip dhcp snooping binding mac-address {vlan vlan} ip-address {interface interface interface-number} {expiry seconds} no ip dhcp snooping binding mac-address vlan vlan-# ip-address interface interface Syntax Description mac-address MAC address. vlan vlan Specifies a valid VLAN number; valid values are from 1 to 4094. ip-address IP address. interface interface Specifies the interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet. interface-number Module and port number. expiry seconds Specifies the interval after which binding is no longer valid; valid values are from 1 to 4294967295 seconds. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When you add or remove a binding using this command, the binding database is marked as changed and a write is initiated. A maximum of 512 bindings are allowed in the DHCP snooping database. Examples This example shows how to generate a DHCP binding configuration on interface gigabitethernet1/1 in VLAN 1 with an expiration time of 1000 seconds: Router# ip dhcp snooping binding 0000.0c00.40af vlan 1 10.42.0.6 interface gi1/1 expiry 1000 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-191 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping binding Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the DHCP snooping binding entries. binding show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-192 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping database ip dhcp snooping database To configure the DHCP-snooping database, use the ip dhcp snooping database command. ip dhcp snooping database {bootflash:url | ftp:url | rcp:url | scp:url | sup-bootflash: | tftp:url} ip dhcp snooping database {timeout timeout | write-delay time} Syntax Description bootflash:url Specifies the database URL for storing entries using the bootflash. ftp:url Specifies the database URL for storing entries using FTP. rcp:url Specifies the database URL for storing entries using RCP. scp:url Specifies the database URL for storing entries using SCP. sup-bootflash: Specifies the database URL for storing entries using the supervisor engine bootflash. tftp:url Specifies the database URL for storing entries using TFTP. timeout timeout Specifies the abort timeout interval; valid values are from 0 to 86400 seconds. write-delay time Specifies the amount of time before writing the DHCP-snooping entries to an external server after a change is seen in the local DHCP-snooping database; valid values are from 15 to 86400 seconds. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You must enable DHCP snooping on the interface before entering this command. Use the ip dhcp snooping command to enable DHCP snooping. Examples This example shows how to specify the database URL using TFTP: Router(config)# ip dhcp snooping database tftp://90.90.90.90/snooping-rp2 Router(config)# This example shows how to specify the amount of time before writing DHCP snooping entries to an external server: Router(config)# ip dhcp snooping database write-delay 15 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-193 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping database Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the DHCP snooping binding entries. binding show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-194 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping information option ip dhcp snooping information option To enable DHCP option 82 data insertion, use the ip dhcp snooping information option command. To disable DHCP option 82 data insertion, use the no form of this command. ip dhcp snooping information option [allow-untrusted] no ip dhcp snooping information option Syntax Description allow-untrusted Defaults The defaults are as follows: (Optional) Enables the switch to accept incoming DHCP snooping packets with option 82 information from the edge switch. • ip dhcp snooping information option—Enabled • ip dhcp snooping information option allow-untrusted—Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines DHCP option 82 is part of RFC 3046. DHCP is an application-layer protocol that is used for the dynamic configuration of TCP/IP networks. The protocol allows for a relay agent to pass DHCP messages between the DHCP clients and DHCP servers. By using a relay agent, servers do not have to be on the same network as the clients. Option 82 (82 is the option’s code) addresses the security and scalability issues. Option 82 resides in the relay agent when DHCP packets that originate from the forwarding client are sent to the server. Servers that recognize option 82 may use the information to implement the IP address or other parameter assignment policies. The DHCP server echoes the option back to the relay agent in its replies. The relay agent strips out the option from the relay agent before forwarding the reply to the client. When you enter the ip dhcp snooping information option allow-untrusted on an aggregation switch that is connected to an edge switch through an untrusted interface, the aggregation switch accepts packets with option 82 information from the edge switch. The aggregation switch learns the bindings for hosts connected through an untrusted switch interface. You can enable the DHCP security features, such as dynamic ARP inspection or IP source guard, on the aggregation switch while the switch receives packets with option 82 information on untrusted input interfaces to which hosts are connected. You must configure the port on the edge switch that connects to the aggregation switch as a trusted interface. Caution Do not enter the ip dhcp snooping information option allow-untrusted command on an aggregation switch that is connected to an untrusted device. If you enter this command, an untrusted device might spoof the option 82 information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-195 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping information option Examples This example shows how to enable DHCP option 82 data insertion: Router(config)# ip dhcp snooping information option Router(config)# This example shows how to disable DHCP option 82 data insertion: Router(config)# no ip dhcp snooping information option Router(config)# This example shows how to enable the switch to accept incoming DHCP snooping packets with option 82 information from the edge switch: Router(config)# ip dhcp snooping information option allow-trusted Router(config)# Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the DHCP snooping binding entries. binding show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-196 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping limit rate ip dhcp snooping limit rate To configure the number of the DHCP messages that an interface can receive per second, use the ip dhcp snooping limit rate command. To disable the DHCP message rate limiting, use the no form of this command. ip dhcp snooping limit rate rate no ip dhcp snooping limit rate Syntax Description rate Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Number of DHCP messages that a switch can receive per second; valid values are from 1 to 4294967294 seconds. This command is supported on Layer 2 switch-port and port-channel interfaces only. Typically, the rate limit applies to the untrusted interfaces. If you want to set up rate limiting for the trusted interfaces, note that the trusted interfaces aggregate all DHCP traffic in the switch, and you will need to adjust the rate limit of the interfaces to a higher value. Examples This example shows how to specify the number of DHCP messages that a switch can receive per second: Router(config-if)# ip dhcp snooping limit rate 150 Router(config)# This example shows how to disable the DHCP message rate limiting: Router(config-if)# no ip dhcp snooping limit rate Router(config)# Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the DHCP snooping binding entries. binding show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-197 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping packets ip dhcp snooping packets To enable DHCP snooping on the tunnel interface, use the ip dhcp snooping packets command. To disable DHCP snooping, use the no form of this command. ip dhcp snooping packets no ip dhcp snooping packets Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on Layer 2 switch-port and port-channel interfaces only. This command is supported on Catalyst 6500 series switches that are configured with a WLSM only. Wireless clients, or mobile nodes, gain access to an untrusted wireless network only if there is a corresponding entry in the DHCP snooping database. Enable DHCP snooping globally by entering the ip dhcp snooping command, and enable DHCP snooping on the tunnel interface by entering the ip dhcp snooping packets command. After you enable DHCP snooping, the process snoops DHCP packets to and from the mobile nodes and populates the DHCP snooping database. Examples This example shows how to enable DHCP snooping: Router(config)# ip dhcp snooping packets Router(config)# This example shows how to disable DHCP snooping: Router(config)# no ip dhcp snooping packets Router(config)# Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the DHCP snooping binding entries. binding show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-198 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping verify mac-address ip dhcp snooping verify mac-address To verify that the source MAC address in a DHCP packet matches the client hardware address on an untrusted port, use the ip dhcp snooping verify mac-address command. To disable verification, use the no form of this command. ip dhcp snooping verify mac-address no ip dhcp snooping verify mac-address Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines For untrusted DHCP snooping ports, DHCP snooping verifies the MAC address on the client hardware address field to ensure that a client is requesting multiple addresses from a single MAC address. You can use the ip dhcp snooping verify mac-address command to trust the ports or you can use the no ip dhcp snooping verify mac-address command to leave the ports untrusted by disabling the MAC address verification on the client hardware address field. Examples This example shows how to verify that the source MAC address in a DHCP packet matches the client hardware address on an untrusted port: Router(config)# ip dhcp snooping verify mac-address Router(config)# This example shows how to turn off the verification of the MAC address on the client hardware address field: Router(config)# no ip dhcp snooping verify mac-address Router(config)# Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the DHCP snooping binding entries. binding show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-199 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping vlan ip dhcp snooping vlan To enable DHCP snooping on a VLAN or a group of VLANs, use the ip dhcp snooping vlan command. To disable DHCP snooping on a VLAN or a group of VLANs, use the no form of this command. ip dhcp snooping vlan {number | vlanlist} no ip dhcp snooping vlan {number | vlanlist} Syntax Description number | vlanlist Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines VLAN number or a group of VLANs; valid values are from 1 to 4094. See the “Usage Guidelines” section for additional information. DHCP snooping is enabled on a VLAN only if both the global snooping and the VLAN snooping are enabled. Enter the range of VLANs using this format: 1,3-5,7,9-11. Examples This example shows how to enable DHCP snooping on a VLAN: Router(config)# ip dhcp snooping vlan 10 Router(config)# This example shows how to disable DHCP snooping on a VLAN: Router(config)# no ip dhcp snooping vlan 10 Router(config)# This example shows how to enable DHCP snooping on a group of VLANs: Router(config)# ip dhcp snooping vlan 10,4-8,55 Router(config)# This example shows how to disable DHCP snooping on a group of VLANs: Router(config)# no ip dhcp snooping vlan 10,4-8,55 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-200 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip dhcp snooping vlan Related Commands Command Description show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the DHCP snooping binding entries. binding show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-201 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-aggregation cache ip flow-aggregation cache To create a flow-aggregation cache and enter the aggregation cache configuration mode, use the ip flow-aggregation cache command. To negate a command or return to its default settings, use the no form of this command. ip flow-aggregation cache {as | destination-prefix | prefix | protocol-port | source-prefix} no ip flow-aggregation cache {as | destination-prefix | prefix | protocol-port | source-prefix} Syntax Description Defaults as Configures the autonomous-system aggregation-cache scheme. destination-prefix Configures the destination-prefix aggregation-cache scheme. prefix Configures the prefix aggregation-cache scheme. protocol-port Configures the protocol-port aggregation-cache scheme. source-prefix Configures the source-prefix aggregation-cache scheme. The defaults are as follows: • entries num is 4096 entries. • active time is 30 minutes. • inactive time is 15 seconds. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines In source-prefix aggregation mode, only the source mask is configurable. In destination-prefix aggregation mode, only the destination mask is configurable. Once you enter the flow aggregation cache configuration mode, these commands are available: • cache {entries num} | {timeout {active time} | {inactive time}} • default {cache {entries | timeout}} | enabled | {export destination} • enabled • export destination ip-addr udp-port-num Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-202 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-aggregation cache The syntax descriptions are as follows: Examples cache Configures the NetFlow cache parameters. entries num Specifies the number of entries in the flow cache; valid values are from 1024 to 524288 flow entries. timeout Specifies the timeout parameters for the flow cache. active time Specifies the active flow timeout; valid values are from 1 to 60 minutes. inactive time Specifies the inactive flow timeout; valid values are from 10 to 600 seconds. default Sets a command to its default. enabled Enables the aggregation cache. export destination Specifies the host or port to send flow statistics. ip-addr Destination IP address or hostname. udp-port-num UDP port number; valid values are from 1 to 65535. This example shows how to enable an autonomous-system aggregation-cache scheme: Router(config)# ip flow-aggregation cache as Router(config-flow-cache)# enable Router(config-flow-cache)# Related Commands Command Description show ip cache flow Displays a summary of the NetFlow cache-flow entries. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-203 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-cache entries ip flow-cache entries To change the number of entries that are maintained in the NetFlow cache, use the ip flow-cache entries command. To return to the default number of entries, use the no form of this command. ip flow-cache entries number no ip flow-cache entries Syntax Description number Defaults 65536 entries Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Number of entries to maintain in the NetFlow cache; valid values are from 1024 to 524288 entries. Typically, the default size of the NetFlow cache will meet your needs. However, you can increase or decrease the number of entries that are maintained in the cache to meet the needs of your flow traffic rates. For environments with a high amount of flow traffic (such as an Internet core router), we recommend that you maintain a larger value such as 131072. To obtain information on your flow traffic, use the show ip cache flow command. Each cache entry is approximately 64 bytes of storage. Assuming a cache with the default number of entries, approximately 4 MB of DRAM would be required. Each time that a new flow is taken from the free-flow queue, the number of free flows is checked. If there are only a few free flows remaining, NetFlow attempts to age 30 flows using an accelerated timeout. If there is only one free flow remaining, NetFlow automatically ages 30 flows regardless of their age. This action ensures that free flow entries are always available. Caution We recommend that you do not change the number of entries in the NetFlow cache. Improper use of this feature could cause network problems. To return to the default number of entries in the NetFlow cache, use the no ip flow-cache entries command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-204 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-cache entries Examples This example shows how to increase the number of entries in the NetFlow cache to 131072: Router(config)# ip flow-cache entries 131072 Router(config)# exit Related Commands Command Description show ip cache flow Displays a summary of the NetFlow cache-flow entries. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-205 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-export ip flow-export To globally enable NDE for the hardware-switched flows, use the ip flow-export command. To disable NDE for the hardware-switched flows, use the no form of this command. ip flow-export no ip flow-export Syntax Description This command has no arguments or keywords. Defaults The defaults are as follows: • Disabled • Version 7 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines To change the default NDE version, use the ip flow-export hardware version command. Examples This example shows how to enable NDE for the hardware-switched flows: Router(config)# ip flow-export Router(config)# This example shows how to disable NDE for the hardware-switched flows: Router(config)# no ip flow-export Router(config)# Related Commands Command Description ip flow-export hardware version Specifies the NDE version for hardware-switched flows. show mls nde Displays information about the NDE hardware-switched flow. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-206 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-export destination ip flow-export destination To export the NetFlow cache entries to a specific destination, use the ip flow-export destination command. To disable information exporting, use the no form of this command. ip flow-export destination {hostname | ip-address} udp-port no ip flow-export destination Syntax Description hostname IP hostname of the workstation to which you want to export the NetFlow information. ip-address IP address of the workstation to which you want to export the NetFlow information. udp-port UDP protocol-specific port number. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You can enter two destination IP addresses to improve the probability of receiving complete NetFlow data by providing redundant data streams. To configure multiple NetFlow export destinations to a router, enter the ip flow-export destination command twice, once for each destination. Do not enter the same IP address twice. However, entering two different IP addresses with the same UDP port number is configurable. A NetFlow cache entry contains a lot of information. When flow switching is enabled with the ip route-cache flow command, you can use the ip flow-export destination command to configure the router to export the flow cache entry to a workstation when a flow expires. This feature can be useful for statistics, billing, and security, for example. When entering the ip-address value, follow these guidelines: • You cannot enter the IP address of the interface that you are currently on; you must use an address from the subnet of any interface that is not being used. • You cannot use an address from a loopback interface; loopback interfaces do not have internal VLAN IDs or MAC addresses. To specify the source IP address of the data, use the ip flow-export source command. To specify the version that is used on the workstation that receives the NetFlow data, use the ip flow-export version command. For more information on NDE, refer to the “Configuring NDE” chapter in the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-207 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-export destination Examples This example shows how to export a NetFlow cache entry to UDP port 125 using the version 1 format on the workstation that has an IP address of 10.42.42.1 99917: Router# configure terminal Router(config)# ip flow-export destination 10.42.42.1 9991 125 Router(config)# exit Related Commands Command Description ip flow-export source Specifies the source interface IP address that is used in the NDE datagram. ip flow-export version Specifies the version for the export of information in NetFlow cache entries. ip route-cache flow Enables NetFlow switching for IP routing. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-208 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-export hardware version ip flow-export hardware version To specify the NDE version for hardware-switched flows, use the ip flow-export hardware version command. To return to the default settings, use the no form of this command. ip flow-export hardware version [5 | 7] no ip flow-export hardware version Syntax Description 5 Specifies that the export packet uses the version 5 format; see the “Usage Guidelines” section for additional information. 7 Specifies that the export packet uses the version 7 format; see the “Usage Guidelines” section for additional information. Defaults Version 7 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to specify the NDE version for hardware-switched flows: Router(config)# ip flow-export hardware version 5 Router(config)# Related Commands Command Description ip flow-export interface Enables the interface-based ingress NDE for hardware-switched flows. show mls nde Displays information about the NDE hardware-switched flow. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-209 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-export interface ip flow-export interface To enable the interface-based ingress NDE for hardware-switched flows, use the ip flow-export interface command. To disable interface-based NDE for hardware-switched flows, use the no form of this command. ip flow-export interface no ip flow-export interface Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the ip flow-export interface command with the ip flow ingress command to enable or disable NDE on a specific interface. Examples This example shows how to enable interface-based NDE for hardware-switched flows: Router(config)# ip flow-export interface Router(config)# This example shows how to disable interface-based NDE for hardware-switched flows: Router(config)# no ip flow-export interface Router(config)# Related Commands Command Description ip flow-export hardware version Specifies the NDE version for hardware-switched flows. show ip flow-export Displays the information about the hardware-switched and software-switched flows for the data export, including the main cache and all other enabled caches. show mls nde Displays information about the NDE hardware-switched flow. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-210 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-export source ip flow-export source To specify the source interface IP address that is used in the NDE datagram, use the ip flow-export source command. To remove the source address, use the no form of this command. ip flow-export source [{interface interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id}] no ip flow-export source [{interface interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id}] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, ge-wan, and atm. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. null interface-number (Optional) Specifies the null interface; the valid value is 0. port-channel number (Optional) Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 256. vlan vlan-id (Optional) Specifies the VLAN; valid values are from 1 to 4094. Defaults No source interface is specified. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-211 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-export source After you configure NDE, you can specify the source interface that is used in the UDP datagram containing the export data. The NetFlow Collector on the workstation uses the IP address of the source interface to determine which router sent the information. The NetFlow Collector performs SNMP queries to the router using the IP address of the source interface. Because the IP address of the source interface can change (for example, the interface might flap so a different interface is used to send the data), we recommend that you configure a loopback source interface. A loopback interface is always up and can respond to SNMP queries from the NetFlow Collector on the workstation. For more information on NDE, refer to the “Configuring NDE” chapter in the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Examples This example shows the configuration for a loopback source interface. The loopback interface has the IP address as 4.0.0.1 and is used by the serial interface in slot 5, port 0: Router# configure terminal Router(config)# interface loopback0 Router(config-if)# ip address 4.0.0.1 255.0.0.0 Router(config-if)# exit Router(config)# interface serial 5/0:0 Router(config-if)# ip unnumbered loopback0 Router(config-if)# no ip mroute-cache Router(config-if)# encapsulation ppp Router(config-if)# ip route-cache flow Router(config-if)# exit Router(config)# ip flow-export source loopback0 Router(config)# exit Related Commands Command Description ip flow-export destination Exports the NetFlow cache entries to a specific destination. ip flow-export version Specifies the version for the export of information in NetFlow cache entries. ip route-cache flow Enables NetFlow switching for IP routing. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-212 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-export version ip flow-export version To specify the version for the export of information in NetFlow cache entries, use the ip flow-export version command. To return to the default settings, use the no form of this command. ip flow-export version {1 | {5 [origin-as | peer-as]} | {9 [bgp-nexthop | origin-as | peer-as]}} no ip flow-export version Syntax Description 1 Specifies that the export packet use the version 1 format; see the “Usage Guidelines” section for additional information. 5 Specifies that the export packet use the version 5 format; see the “Usage Guidelines” section for additional information. origin-as (Optional) Specifies that export statistics include the origin autonomous system for the source and destination. peer-as (Optional) Specifies that export statistics include the peer autonomous system for the source and destination. 9 Specifies that the export packet uses the version 9 format; see the “Usage Guidelines” section for additional information. bgp-nexthop (Optional) Specifies that export statistics include the BGP next hop for the source and destination. Defaults Export of information in NetFlow cache entries is disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Version 5 and version 9 formats include the source and destination autonomous-system addresses and source and destination prefix masks. Also, version 9 includes BGP next-hop information. The number of records stored in the datagram is a variable from 1 to 24 for version 1. The number of records stored in the datagram is a variable between 1 and 30 for version 5. For more information on NDE, refer to the “Configuring NDE” chapter in the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-213 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow-export version Examples This example shows how to export the data using the version 5 format: Router(config)# ip flow-export version 5 Router(config)# Related Commands Command Description show mls nde Displays information about the NDE hardware-switched flow. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-214 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow ingress ip flow ingress To enable the software-switched flow creation in Layer 3, use the ip flow ingress command. To return to the default settings, use the no form of this command. ip flow ingress no ip flow ingress Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines To create a NetFlow entry, you need to enter the ip flow ingress command. Follow these guidelines to display multicast entries: Examples • Enter the show mls netflow ip command. • Enter the ip flow ingress command on an interface. • Make sure that you have not entered the no ip multicast netflow ingress command. This example shows how to enable inbound NDE for IPv4-bridged flows and NetFlow entry creation: Router(config-if)# ip flow ingress Router(config-if)# This example shows how to disable inbound NDE for IPv4-bridged flows: Router(config-if)# no ip flow ingress Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-215 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip flow layer2-switched ip flow layer2-switched To enable the creation of switched, bridged, and Layer 2 IP flows for a specific VLAN, use the ip flow layer2-switched command. To return to the default settings, use the no form of this command. ip flow {ingress | export} layer2-switched {vlan {num | vlanlist}} no ip flow {ingress | export} layer2-switched {vlan {num | vlanlist}} Syntax Description Defaults ingress Enables the collection of switched, bridged, and IP flows in Layer 2. export Enables the export of switched, bridged, and IP flows in Layer 2. vlan num | vlanlist Specifies the VLAN or range of VLANs; valid values are from 1 to 4094. See the “Usage Guidelines” section for additional information. The defaults are as follows: • ip flow ingress layer2switch is disabled. • ip flow export layer2switched is enabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Before using this command, you must ensure that a corresponding VLAN interface is available and has a valid IP address. You can enter one or multiple VLANs. The following examples are samples of valid VLAN lists: 1; 1,2,3; 1-3,7. Examples This example shows how to enable the collection of Layer 2-switched flows on a specific VLAN: Router(config)# ip flow ingress layer2-switched vlan 2 Router(config)# This example shows how to enable export of Layer 2-switched flows on a range of VLANs: Router(config)# ip flow export layer2-switched vlan 1-3,7 Router(config)# This example shows how to disable the collection of Layer 2-switched flows on a specific VLAN: Router(config)# no ip flow ingress layer2-switched vlan 2 Router(config# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-216 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip forward-protocol turbo-flood ip forward-protocol turbo-flood To speed up the flooding of UDP packets using the spanning-tree algorithm, use the ip forward-protocol turbo-flood command. To return to the default settings, use the no form of this command. ip forward-protocol turbo-flood [udp-checksum] no ip forward-protocol turbo-flood [udp-checksum] Syntax Description udp-checksum Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) Specifies the UDP checksum. Usage Guidelines When you enter the ip forward-protocol turbo-flood command, the outgoing UDP packets have a NULL checksum. If you want to have UDP checksums on all outgoing packets, you must enter the ip forward-protocol turbo-flood udp-checksum command. Examples This example shows how to speed up the flooding of UDP packets using the spanning-tree algorithm: Router(config)# ip forward-protocol turbo-flood Router(config)# This example shows how to speed up the flooding of UDP packets using the spanning-tree algorithm and have the UDP checksums on all outgoing packets: Router(config)# ip forward-protocol turbo-flood udp-checksum Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-217 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip forward-protocol turbo-flood This example shows how to turn off the udp-checksum keyword and the ip forward-protocol turbo-flood command: Router(config)# no ip forward-protocol turbo-flood udp-checksum Router(config)# This example shows how to reinstate the ip forward-protocol turbo-flood command without the udp-checksum keyword: Router(config)# ip forward-protocol turbo-flood Router(config)# Related Commands Command Description ip forward-protocol Specifies that protocols and ports that the router forwards when forwarding broadcast packets. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-218 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp immediate-leave group-list ip igmp immediate-leave group-list To enable the immediate processing of the IGMP leave-group messages, use the ip igmp immediate-leave group-list command. To return to the default settings, use the no form of this command. ip igmp immediate-leave group-list acl no ip igmp immediate-leave group-list acl Syntax Description acl Defaults Disabled Command Modes Global or interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Group ACL number; see the “Usage Guidelines” section for valid values. If you enter the ip igmp immediate-leave group-list command, you must enter this command in VLAN interface configuration mode only. Valid values for the acl argument are as follows: • Access-list number—1 to 99 • Expanded range access-list number—1300 to 1999 • Name of the standard IP access list You can configure one or the other but not both configuration modes at the same time. You can enter the acl value to restrict the immediate-leave behavior to a simple access list for multicast groups. The IGMP leave-group messages for multicast groups that are not permitted by the acl value has the standard inquiry mechanism/leave latency. Examples This example shows how to enable the immediate processing of the IGMP leave-group messages: Router(config)# ip igmp immediate-leave group-list 3 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-219 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp last-member-query-interval ip igmp last-member-query-interval To configure the last-member query interval for the IGMP, use the ip igmp last-member-query-interval command. To return to the default settings, use the no form of this command. ip igmp last-member-query-interval interval no ip igmp last-member-query-interval Syntax Description interval Defaults 1000 milliseconds (1 second); see the “Usage Guidelines” section for additional information. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Interval for the last-member query; valid values are from 100 to 65535 milliseconds in multiples of 100 milliseconds. When a multicast host leaves a group, the host sends an IGMP leave. To check if this host is the last to leave the group, an IGMP query is sent out when the leave is seen and a timer is started. If no reports are received before the timer expires, the group record is deleted. The interval is the actual time that the Catalyst 6500 series switch waits for a response for the group-specific query. If you enter an interval that is not a multiple of 100, the interval is rounded to the next lowest multiple of 100. For example, if you enter 999, the interval is rounded down to 900 milliseconds. If IGMP fast-leave processing is enabled and you enter the no igmp last-member-query-interval command, the interval is set to 0 seconds; immediate leave always assumes higher priority. Examples This example shows how to configure the last-member query interval to 200 milliseconds: Router(config-if)# ip igmp last-member-query-interval 200 Router(config-if)# Related Commands Command Description ip igmp immediate-leave group-list Enables the immediate processing of the IGMP leave-group messages. show ip igmp interface Displays the information about the IGMP-interface status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-220 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp last-member-query-interval Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-221 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping ip igmp snooping To enable IGMP snooping, use the ip igmp snooping command. To disable IGMP snooping, use the no form of this command. ip igmp snooping no ip igmp snooping Syntax Description This command has no arguments or keywords. Defaults The defaults are as follows: • IGMP snooping is enabled on the Catalyst 6500 series switch. • IGMP snooping is not configured on multicast routers. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Before you can enable IGMP snooping on the Catalyst 6500 series switches, you must configure the VLAN interface for multicast routing. Enter this command in VLAN interface configuration mode only. Examples This example shows how to enable IGMP snooping: Router(config-if)# ip igmp snooping Router(config-if)# This example shows how to disable IGMP snooping: Router(config-if)# no ip igmp snooping Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-222 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping Related Commands Command Description ip igmp snooping fast-leave Enables the IGMPv3-snooping fast-leave processing. ip igmp snooping mrouter Configures a Layer 2 port as a multicast router port. show ip igmp snooping Displays the information about the explicit host-tracking status for IGMPv3 explicit-tracking hosts. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-223 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping explicit-tracking ip igmp snooping explicit-tracking To enable explicit host tracking, use the ip igmp snooping explicit-tracking command. To disable the explicit host tracking, use the no form of this command. ip igmp snooping explicit-tracking no ip igmp snooping explicit-tracking Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Explicit host tracking is supported only with IGMPv3 hosts. When you enable explicit host tracking and the Catalyst 6500 series switch is working in proxy-reporting mode, the router may not be able to track all the hosts that are behind a VLAN interface. In proxy-reporting mode, the Catalyst 6500 series switch forwards only the first report for a channel to the router and suppresses all other reports for the same channel. With IGMPv3 proxy reporting, the Catalyst 6500 series switch does proxy reporting for unsolicited reports and reports that are received in the general query interval. Proxy reporting is turned on by default. When you disable proxy reporting, the Catalyst 6500 series switch works in transparent mode and updates the IGMP snooping database as it receives reports and forwards this information to the upstream router. The router can then explicitly track all reporting hosts. Disabling explicit tracking disables fast-leave processing and proxy reporting. IGMPv3 supports explicit host tracking of membership information on any port. The explicit host-tracking database is used for fast-leave processing for IGMPv3 hosts, proxy reporting, and statistics collection. When you enable explicit host tracking on a VLAN, the IGMP snooping software processes the IGMPv3 report that it receives from a host and builds an explicit host-tracking database that contains the following information: • The port that is connected to the host. • The channels that are reported by the host. • The filter mode for each group that is reported by the host. • The list of sources for each group that is reported by the hosts. • The router filter mode of each group. • For each group, the list of hosts that request the source. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-224 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping explicit-tracking Examples This example shows how to enable IGMPv3-explicit host tracking: Router(config-if)# ip igmp snooping explicit-tracking Router(config-if)# This example shows how to disable IGMPv3-explicit host tracking: Router(config-if)# no ip igmp snooping explicit-tracking Router(config-if)# Related Commands Command Description ip igmp snooping limit Limits the size of the explicit-tracking database. track show ip igmp snooping Displays the information about the explicit host-tracking status for IGMPv3 explicit-tracking hosts. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-225 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping fast-leave ip igmp snooping fast-leave To enable the IGMPv3-snooping fast-leave processing, use the ip igmp snooping fast-leave command. To disable fast-leave processing, use the no form of this command. ip igmp snooping fast-leave no ip igmp snooping fast-leave Syntax Description This command has no arguments or keywords. Defaults The defaults are as follows: • IGMP version 2—Disabled • IGMP version 3—Enabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Enter this command in VLAN interface configuration mode only. Fast-leave processing is enabled by default. To disable fast-leave processing, you must enter the no ip igmp snooping fast-leave command to disable fast-leave processing. You should use the IGMPv3-snooping fast-leave processing when there is a single receiver for the MAC group for a specific VLAN. Examples This example shows how to enable IGMPv3-snooping fast-leave processing: Router(config-if)# ip igmp snooping fast-leave Router(config-if)# This example shows how to disable IGMPv3-snooping fast-leave processing: Router(config-if)# no ip igmp snooping fast-leave Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-226 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping fast-leave Related Commands Command Description ip igmp snooping Enables IGMP snooping. ip igmp snooping explicit-tracking Enables explicit host tracking. show ip igmp interface Displays the information about the IGMP-interface status and configuration. show mac-address-table Displays the information about the MAC-address table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-227 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping flooding ip igmp snooping flooding To configure periodic flooding of multicast packets, use the ip igmp snooping flooding command. To disable periodic flooding, use the no form of this command. ip igmp snooping flooding [timer seconds] no ip igmp snooping flooding Syntax Description timer seconds Defaults The defaults are as follows: (Optional) Specifies the interval between flooding in a 24-hour period for source-only entries; valid values are from 0 to 86400 seconds. • Disabled. • If enabled, seconds is 600 seconds (10 minutes). Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on source-only VLANs. You can enter 0 seconds to disable flooding. If you enter a maximum of 86400 seconds, flooding would occur once every 24 hours. Examples This example shows how to specify the interval between flooding in a 24-hour period: Router(config-if)# ip igmp snooping flooding timer 300 Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-228 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping l2-entry-limit ip igmp snooping l2-entry-limit To configure the maximum number of Layer 2 entries that can be created by the Catalyst 6500 series switch, use the ip igmp snooping l2-entry-limit command. ip igmp snooping l2-entry-limit max-entries Syntax Description max-entries Defaults 15488 Layer 2 entries Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Maximum number of Layer 2 entries that can be created by the Catalyst 6500 series switch; valid values are from 1 to 100000. When entering max-entries, do not enter a comma (,). Enter this command in VLAN interface configuration mode only. Examples This example shows how to configure the maximum number of Layer 2 entries that can be created by the Catalyst 6500 series switch: Router(config-if)# ip igmp snooping l2-entry-limit 25000 Router(config-if)# Related Commands Command Description show ip igmp interface Displays the information about the IGMP-interface status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-229 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping last-member-query-interval ip igmp snooping last-member-query-interval To configure the last member query interval for IGMP snooping, use the ip igmp snooping last-member-query-interval command. To return to the default settings, use the no form of this command. ip igmp snooping last-member-query-interval interval no ip igmp snooping last-member-query-interval Syntax Description interval Defaults 1000 milliseconds (1 second); see the “Usage Guidelines” section for additional information. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Interval for the last member query; valid values are from 100 to 900 milliseconds in multiples of 100 milliseconds. When a multicast host leaves a group, the host sends an IGMP leave. To check if this host is the last to leave the group, an IGMP query is sent out when the leave is seen and a timer is started. If no reports are received before the timer expires, the group record is deleted. The interval is the actual time that the Catalyst 6500 series switch waits for a response for the group-specific query. If you enter an interval that is not a multiple of 100, the interval is rounded to the next lowest multiple of 100. For example, if you enter 999, the interval is rounded down to 900 milliseconds. If you enable IGMP fast-leave processing and you enter the no igmp snooping last-member-query-interval command, the interval is set to 0 seconds; fast-leave processing always assumes higher priority. Even though the valid interval range is 100 to 1000 milliseconds, you cannot enter a value of 1000. If you want this value, you must enter the no ip igmp snooping last-member-query-interval command and return to the default value (1000 milliseconds). Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-230 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping last-member-query-interval Examples This example shows how to configure the last-member-query-interval to 200 milliseconds: Router(config-if)# ip igmp snooping last-member-query-interval 200 Router(config-if)# Related Commands Command Description ip igmp snooping fast-leave Enables the IGMP v3-snooping fast-leave processing. show ip igmp interface Displays the information about the IGMP-interface status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-231 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping limit track ip igmp snooping limit track To limit the size of the explicit-tracking database, use the ip igmp snooping limit track command. To return to the default settings, use the no form of this command. ip igmp snooping limit track max-entries no ip igmp snooping limit track Syntax Description max-entries Defaults max-entries is 32000. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Maximum number of entries in the explicit-tracking database; valid values are from 0 to 128000 entries. Each entry in the explicit-tracking database is identified by the source IP, group IP, port, VLAN, and reporter IP. When you set the max-entries to 0, explicit tracking is disabled. When the explicit-tracking database exceeds the configured max-entries, a syslog message is generated. When you reduce the max-entries, the explicit-tracking database does not decrease in size immediately. The explicit-tracking database gradually shrinks as reporters time out. Examples This example shows how to configure the maximum number of entries in the explicit-tracking database: Router(config)# ip igmp snooping limit track 20000 Router(config)# Related Commands Command Description ip igmp snooping explicit-tracking Enables explicit host tracking. show ip igmp snooping Displays information about the explicit host tracking for IGMPv3 hosts. explicit-tracking vlan Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-232 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping mrouter ip igmp snooping mrouter To configure a Layer 2 port as a multicast router port, use the ip igmp snooping mrouter command. To remove the configuration., use the no form of this command ip igmp snooping mrouter {interface {interface interface-number} | {port-channel number}} | {learn {cgmp | pim-dvmrp}} no ip igmp snooping mrouter {interface {interface interface-number} | {port-channel number}} | {learn {cgmp | pim-dvmrp}} Syntax Description interface Specifies the next-hop interface to the multicast router. interface Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, and tengigabitethernet. See the “Usage Guidelines” section for additional valid values. interface-number Module and port number; see the “Usage Guidelines” section for valid values. port-channel number Specifies the port-channel number; valid values are a maximum of 64 values ranging from 1 to 256. learn Specifies the learning method for the multicast router. cgmp Specifies the snooping CGMP packets for the multicast router. pim-dvmrp Specifies the snooping PIM-DVMRP packets for the multicast router. Defaults pim-dvmrp Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Enter this command in VLAN interface configuration mode only. The interface to the router must be in the VLAN where you are entering the command, the interface must be administratively up, and the line protocol must be up. The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. The CGMP learning method can decrease control traffic. The learning method that you configure is saved in NVRAM. Static connections to multicast routers are supported only on switch ports. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-233 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping mrouter Examples This example shows how to specify the next-hop interface to the multicast router: Router(config-if)# ip igmp snooping mrouter interface fastethernet 5/6 Router(config-if)# This example shows how to specify the learning method for the multicast router: Router(config-if)# ip igmp snooping mrouter learn cgmp Router(config-if)# Related Commands Command Description ip igmp snooping Enables IGMP snooping. ip igmp snooping fast-leave Enables the IGMPv3-snooping fast-leave processing. show ip igmp snooping Displays the information about the dynamically learned and manually mrouter configured multicast router interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-234 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping querier ip igmp snooping querier To enable multicast support within a subnet when no multicast routing protocol is configured in the VLAN or subnet, use the ip igmp snooping querier command. To disable multicast support within a subnet when no multicast routing protocol is configured, use the no form of this command. ip igmp snooping querier no ip igmp snooping querier Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Enter this command in VLAN interface configuration mode only. You enable IGMP snooping on the Catalyst 6500 series switch, and disable PIM on the VLAN. Configure the VLAN in global configuration mode. Configure an IP address on the VLAN interface. When enabled, the IGMP-snooping querier uses the IP address as the query source address. If no IP address is configured on the VLAN interface, the IGMP-snooping querier does not start. The IGMP-snooping querier disables itself if you clear the IP address. When enabled, the IGMP-snooping querier restarts if you configure an IP address. The IGMP-snooping querier supports IGMPv2. When enabled, the IGMP-snooping querier does the following: • Does not start if it detects IGMP traffic from a multicast router. • Starts after 60 seconds when no IGMP traffic is detected from a multicast router. • Disables itself if it detects IGMP traffic from a multicast router. QoS does not support IGMP packets when IGMP snooping is enabled. You can enable the IGMP-snooping querier on all the Catalyst 6500 series switches in the VLAN. One Catalyst 6500 series switch is elected as the querier. If multicast routers are not present on the VLAN or subnet, the Catalyst 6500 series switch becomes the IGMP querier for the VLAN when you enable the IGMP-snooping querier. If you disable the IGMP-snooping querier, IGMP snooping functions only when you configure PIM in the subnet. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-235 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping querier You can enter the ip igmp snooping querier command at any time, but the IGMP-snooping querier starts only when no other multicast routers are present in the VLAN or subnet. You can use this command as an alternative to configuring PIM in a subnet; use this command when the multicast traffic does not need to be routed but you would like support for IGMP snooping on Layer 2 interfaces in your network. Examples This example shows how to enable the IGMP-snooping querier on the VLAN: Router(config-if)# ip igmp snooping querier Router(config-if)# Related Commands Command Description show ip igmp snooping Displays the information about the dynamically learned and manually mrouter configured multicast router interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-236 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping rate ip igmp snooping rate To set the rate limit for IGMP-snooping packets, use the ip igmp snooping rate command. To disable the software rate limiting, use the no form of this command. ip igmp snooping rate pps no ip igmp snooping rate Syntax Description pps Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples Rate limit of incoming IGMP messages; valid values are from 100 to 6000 packets per second. This example shows how to enable software rate limiting: Router(config)# ip igmp snooping rate Router(config)# This example shows how to disable software rate limiting: Router(config)# no ip igmp snooping rate Router(config)# Related Commands Command Description show ip igmp snooping Displays the information about the IGMP snooping rate limit. rate-limit Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-237 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping report-suppression ip igmp snooping report-suppression To turn on IP IGMP snooping report suppression, use the ip igmp snooping report-suppression command. To turn off report suppression, use the no form of this command. ip igmp snooping report-suppression no ip igmp snooping report-suppression Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When you enable report suppression for all host reports responding to a general query, IP IGMP snooping forwards the first report only and suppresses the remaining reports to constrain IGMP traffic to the multicast router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-238 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp snooping source-only-learning age-timer ip igmp snooping source-only-learning age-timer To flood multicast packets periodically to a Layer 2 segment that has only multicast sources and no receivers connected to it, use the ip igmp snooping source-only-learning age-timer command. To return to the default settings, use the no form of this command. ip igmp snooping source-only-learning age-timer seconds no ip igmp snooping source-only-learning age-timer Syntax Description seconds Defaults seconds is 600 seconds (10 minutes). Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Source-only entries age timer value in seconds; valid values are from 0 to 86400 seconds. There are two source-only timers that run in an alternating fashion; the source_only_age_timer and the source_only_delete_timer. The value that you configure by entering the ip igmp snooping source-only-learning age-timer command sets the source_only_age_timer. The source_only_delete_timer has a fixed, nonconfigurable value of 5 minutes (300 seconds). The expiration of one timer starts the other timer. At any time, only one timer is running. Setting the age timer to 0 stops the flooding in the source-only VLAN. Note Examples Setting the age timer to a nonzero value causes flooding to occur every x (configured value) + 5 minutes (source_only_delete_timer) interval. This example shows how to flood multicast packets periodically: Router(config)# ip igmp snooping source-only-learning age-timer 300 Router(config)# This example shows how to return to the default settings: Router(config)# no ip igmp snooping source-only-learning age-timer Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-239 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp ssm-map ip igmp ssm-map To enable and configure SSM mapping, use the ip igmp ssm-map command. To disable SSM mapping, use the no form of this command. ip igmp ssm-map {enable | {query dns} | {static {group-access-list | group-access-list-name} source-address}} no ip igmp ssm-map {enable | {query dns} Syntax Description enable Enables SSM group to the source mapping. query dns Enables the DNS lookup. static Specifies an SSM static group to the source mapping. group-access-list Group access list to map to the source address. group-access-listname Name of the group access list to map to the source address. source-address Source address. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines By default, the locally configured static SSM mappings and the DNS server are queried. Local configured mappings have priority over dynamic mappings. If a DNS server is not available, you may want to disable DNS server lookups. To disable DNS lookups, use the no ip igmp ssm-map query dns command. If a DNS server is not available, a locally configured static SSM mapping database is used to query. A database query uses the group address and receives the source list in return. As soon as the static SSM mappings are configured, the maps are used for the lookups. To build a static SSM mappings database, use the following commands: ip igmp ssm-map static acl-1 source-1-ip-address ip igmp ssm-map static acl-2 source-2-ip-address The ACL specifies the group or groups that have to be mapped to the listed source. Because the content servers may send out more then one stream with the same source address, the access list is used to group the multicast destination addresses together. You can use wildcards if the addresses are contiguous. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-240 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip igmp ssm-map If multiple sources have to be joined for a multicast group address, you must place the group in all ACLs that are associated with the source address. In the example above, if group G must join sources 1 and 2, the group address must be placed in both acl-1 and acl-2. When you enable SSM mapping using the ip igmp ssm-map enable command, but the source mapping list is empty for the group, enter the no ip igmp ssm-map query dns command. The ip igmp ssm-map enable command is supported on statically configured SSM-mapped source entries only. Examples This example shows how to enable an SSM group to the source mapping: Router(config)# ip igmp ssm-map enable Router(config)# This example shows how to enable DNS lookups: Router(config)# ip igmp ssm-map query dns Router(config)# This example shows how to build a static SSM mapping database: Router(config)# ip igmp ssm-map static acl1 255.255.255.0 Router(config)# ip igmp ssm-map static acl2 255.255.255.0 Router(config)# This example shows how to disable an SSM group to the source mapping: Router(config)# no ip igmp ssm-map enable Router(config)# This example shows how to disable DNS lookups: Router(config)# no ip igmp ssm-map query dns Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-241 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip local-proxy-arp ip local-proxy-arp To enable local-proxy ARP, use the ip local-proxy-arp command. To disable local-proxy ARP, use the no form of this command. ip local-proxy-arp no ip local-proxy-arp Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use local-proxy ARP on subnets where the hosts are intentionally prevented from communicating directly with each other; for example, you can use local-proxy ARP in private VLAN environments. Local-proxy ARP allows the PISA to respond to ARP requests for IP addresses within a subnet where normally no routing is required. When you enable local-proxy ARP, the PISA can respond to ARP requests for IP addresses within a common subnet where traffic is not normally routed. This situation happens only when two hosts on the same subnet cannot directly ARP for each other. ICMP redirects are disabled on interfaces where local-proxy ARP is enabled. Examples This example shows how to enable local-proxy ARP: Router(config-if)# ip local-proxy-arp Router(config-if)#s Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-242 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip mroute ip mroute To configure a multicast static route (mroute), use the ip mroute command. To remove the route, use the no form of this command. ip mroute [vrf vrf-name] source-address mask [protocol as-number] {rpf-address | interface-type interface-number} [distance] no ip mroute [vrf vrf-name] source-address mask [protocol as-number] {rpf-address | interface-type interface-number} [distance] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. source-address IP address of the multicast source. mask Mask on the IP address of the multicast source. protocol (Optional) Unicast routing protocol that you are using. as-number (Optional) Autonomous system number of the routing protocol that you are using, if applicable. rpf-address Incoming interface for the mroute. interface-type interface-number Interface type and number for the mroute. distance (Optional) Administrative distance; valid values are from 0 to 255. Defaults distance is 0. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command allows you to statically configure where multicast sources are located (even though the unicast routing table shows something different). When a source range is specified, the rpf-address argument applies only to those sources. If the rpf-address is a PIM neighbor, PIM join, graft, and prune messages are sent to it. The rpf-address argument can be a host IP address of a directly connected system or a network/subnet number. When it is a route, a recursive lookup is done from the unicast routing table to find a directly connected system. If the rpf-address argument is not specified, the interface interface-type interface-number value is used as the incoming interface. The distance argument determines whether a unicast route, a DVMRP route, or a static mroute is used for the RPF lookup. The lower distances have a higher priority. If the static mroute has the same distance as the other two RPF sources, the static mroute will take precedence. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-243 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip mroute Examples This example shows how to configure all sources from a single interface (in this case, a tunnel): Router(config)# ip mroute 224.0.0.0 255.255.255.255 tunnel0 Router(config)# This example shows how to configure all specific sources within a network number to be reachable through 172.30.10.13: Router(config)# ip mroute 172.16.0.0 255.255.0.0 172.30.10.13 Router(config)# This example shows how to cause this multicast static route to take effect if the unicast routes for any given destination is deleted: Router(config)# ip mroute 224.0.0.0 255.255.255.255 serial0 200 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-244 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp border ip msdp border To configure a router that borders a PIM sparse-mode region and dense-mode region to use MSDP, use the ip msdp border command. To prevent this action, use the no form of this command. ip msdp [vrf vrf-name] border sa-address internet-type internet-number no ip msdp [vrf vrf-name] border sa-address internet-type internet-number Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. sa-address Specifies an active source IP address. internet-type internet-number Interface type and number from which the IP address is derived and used as the rendezvous-point address in source-active messages. Defaults The active sources in the dense-mode region will not participate in MSDP. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use this command if you want the router to send source-active messages for sources active in the PIM dense-mode region to MSDP peers. Specifying the internet-type internet-number allows the MSDP peers to forward source-active messages away from this border. The IP address of the interface is used as the originator ID, which is the rendezvous point field in the MSDP source-active message. Note We recommend that you configure the border router in the sparse-mode domain to proxy-register sources in the dense-mode domain and configure the sparse-mode domain to use standard MSDP procedures to advertise these sources. Note If you use this command, you must limit the sources advertised by using the ip msdp redistribute command. Configure the ip msdp redistribute command to apply to only local sources. Be aware that this configuration can result in an (S,G) state that remains long after a source in the dense-mode domain has stopped sending. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-245 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp border Note Examples The ip msdp originator-id command identifies an interface type and number to be used as the rendezvous-point address. If both the ip msdp border and ip msdp originator-id commands are configured, the ip msdp originator-id command prevails. The address derived from the ip msdp originator-id command determines the address of the rendezvous point. In this example, the local router is not a rendezvous point; it borders a PIM sparse-mode region with a dense-mode region and uses the IP address of Ethernet interface 0 as the rendezvous point address in source-active messages. Router(config)# ip msdp border sa-address ethernet0 Router(config)# Related Commands Command Description ip msdp originator-id Allows an MSDP speaker that originates a source-active message to use the IP address of the interface as the rendezvous-point address in the source-active message. ip msdp redistribute Configures which (S,G) entries from the multicast routing table are advertised in source-active messages originated to MSDP peers. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-246 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp cache-sa-state ip msdp cache-sa-state To create a source-active state on the router, use the ip msdp cache-sa-state command. ip msdp cache-sa-state [vrf vrf-name] Syntax Description vrf vrf-name Defaults The router creates the source-active state for all MSDP source-active messages that it receives. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. Usage Guidelines This command is automatically configured if at least one MSDP peer is configured. It cannot be disabled. Examples This example shows how the ip msdp cache-sa-state command is enabled when an MSDP peer is configured. For more MSDP configuration examples, refer to the “Configuring Multicast Source Discovery Protocol” chapter in the Cisco IOS Release 12.2 Cisco IOS IP Configuration Guide. . . . Router(config)# Router(config)# Router(config)# Router(config)# Router(config)# Router(config)# . . . Related Commands ip ip ip ip ip ip classless msdp peer 192.168.1.2 connect-source Loopback0 msdp peer 192.169.1.7 msdp mesh-group outside-test 192.168.1.2 msdp cache-sa-state msdp originator-id Loopback0 Command Description clear ip msdp sa-cache Configures an MSDP peer. ip msdp filter-sa-request Creates a source-active state on the router. show ip msdp sa-cache Displays (S, G) state learned from MSDP peers. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-247 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp default-peer ip msdp default-peer To define a default peer from which to accept all MSDP source-active messages, use the ip msdp default-peer command. To remove the default peer, use the no form of this command. ip msdp [vrf vrf-name] default-peer {peer-address | peer-name} [prefix-list list] no ipip msdp [vrf vrf-name] default-peer Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address | peer-name IP address or DNS name of the MSDP default peer. prefix-list list (Optional) Specifies the BGP prefix list. Defaults No default MSDP peer exists. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the ip msdp default-peer command if you do not want to configure your MSDP peer to be a BGP peer also. If only one MSDP peer is configured (with the ip msdp peer command), it will be used as a default peer. You do not need to configure a default peer with this command. If you do not specify the prefix-list list keyword and argument, all source-active messages that are received from the configured default peer are accepted. The prefix-list list keyword and argument specifies that the peer will be a default peer only for the prefixes listed in the list specified by the list argument. You must configure a BGP prefix list for this prefix-list list keyword and argument to have any effect. You should configure a BGP prefix list if you intend to configure the prefix-list list keyword and argument with the ip msdp default-peer command. If you specify the prefix-list list keyword and argument, the source-active messages that originated from the rendezvous points that are covered by the prefix-list list keyword and argument are accepted from the configured default peer. If you specify the prefix-list list keyword and argument but do not configure a prefix list, the default peer is used for all prefixes. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-248 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp default-peer You can enter multiple ip msdp default-peer commands, with or without the prefix-list keyword. However, all commands must either have the keyword or all must not have the keyword. Examples • When you use multiple ip msdp default-peer commands with the prefix-list keyword, you use all the default peers at the same time for different rendezvous-point prefixes. This syntax is typically used in a service provider cloud that connects stub site clouds. • When you use multiple ip msdp default-peer commands without the prefix-list keyword, you use a single active peer to accept all source-active messages. If that peer goes down, then you move to the next configured default peer to accept all source-active messages. This syntax is typically used at a stub site. This example shows how to configure the router named router.cisco.com as the default peer to the local router: Router(config)# ip msdp peer 192.168.1.2 Router(config)# ip msdp peer 192.168.1.3 Router(config)# ip msdp default-peer router.cisco.com !At a stub site This example shows how to configure the router at IP address 192.168.1.3 as the default peer to the local router: Router(config)# ip msdp peer 192.168.1.3 Router(config)# ip msdp peer 192.168.3.5 Router(config)# ip msdp default-peer 192.168.1.3 This example shows how to configure two default peers: Router(config)# Router(config)# Router(config)# Router(config)# Router(config)# Router(config)# Related Commands ip ip ip ip ip ip msdp peer 172.18.2.3 msdp peer 172.19.3.5 msdp default-peer 172.18.2.3 prefix-list site-c prefix-list site-a permit 172.18.0.0/16 msdp default-peer 172.19.3.5 prefix-list site-a prefix-list site-c permit 172.19.0.0/16 Command Description ip msdp peer Configures an MSDP peer. ip prefix-list Creates an entry in a prefix list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-249 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp description ip msdp description To add descriptive text to the configuration for an MSDP peer, use the ip msdp description command. To remove the description, use the no form of this command. ip msdp [vrf vrf-name] description {peer-name | peer-address} text no ip msdp [vrf vrf-name] description {peer-name | peer-address} Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-name | peer-address Peer name or address to which this description applies. text Description of the MSDP peer. Defaults No description is associated with an MSDP peer. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Configure a description to make the MSDP peer easier to identify. This description is displayed in the output of the show ip msdp peer command. Examples This example shows how to configure the router at the IP address 224.107.5.4 with a description indicating it is a router at customer A: Router(config)# ip msdp description 224.107.5.4 router at customer a Router(config)# Related Commands Command Description show ip msdp peer Displays detailed information about the MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-250 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp filter-sa-request ip msdp filter-sa-request To configure the router to send source-active request messages to the MSDP peer when a new joiner from a group becomes active, use the ip msdp filter-sa-request command. To prevent this action, use the no form of this command. ip msdp [vrf vrf-name] filter-sa-request {peer-address | peer-name} [list access-list] no ip msdp [vrf vrf-name] filter-sa-request {peer-address | peer-name} Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address IP address of the MSDP peer from which the local router requests source-active messages when a new joiner for the group becomes active. peer-name Name of the MSDP peer from which the local router requests source-active messages when a new joiner for the group becomes active. list access-list (Optional) Specifies the standard IP access-list number or name that describes a multicast group address. Defaults If this command is not configured, all source-active request messages are recognized. If this command is configured but no access list is specified, all source-active request messages are ignored. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines By default, the router recognizes all source-active request messages from peers. Use this command if you want to control exactly which source-active request messages that the router will recognize. If no access list is specified, all source-active request messages are ignored. If an access list is specified, only source-active request messages from those permitted groups will be recognized, and all others will be ignored. Examples This example shows how to configure the router to filter source-active request messages from the MSDP peer at 172.16.2.2. This example also shows that the source-active request messages from sources on the network 192.168.22.0 pass access list 1 and will be recognized; all others will be ignored. Router(config)# ip msdp filter sa-request 224.69.2.2 list 1 access-list 1 permit 228.4.22.0 0.0.0.255 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-251 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp filter-sa-request Related Commands Command Description ip msdp peer Configures an MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-252 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp mesh-group ip msdp mesh-group To configure an MSDP peer to be a member of a mesh group, use the ip msdp mesh-group command. To remove an MSDP peer from a mesh group, use the no form of this command. ip msdp [vrf vrf-name] mesh-group mesh-name {peer-address | peer-name} no ip msdp [vrf vrf-name] mesh-group mesh-name {peer-address | peer-name} Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. mesh-name Name of the mesh group. peer-address | peer-name IP address or name of the MSDP peer to be a member of the mesh group. Defaults The MSDP peers do not belong to a mesh group. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines A mesh group is a group of MSDP speakers that have fully meshed MSDP connectivity among themselves. The source-active messages received from a peer in a mesh group are not forwarded to the other peers in the same mesh group. The mesh groups can be used to achieve two goals: Examples • Reduce source-active message flooding • Simplify peer-RPF flooding (you do not need to run BGP or multiprotocol BGP among MSDP peers) This example shows how to configure the MSDP peer at address 224.1.1.1 to be a member of the mesh group named internal: Router(config)# ip msdp mesh-group internal 224.1.1.1 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-253 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp originator-id ip msdp originator-id To allow an MSDP speaker that originates a source-active message to use the IP address of the interface as the rendezvous-point address in the source-active message, use the ip msdp originator-id command. To prevent the rendezvous-point address from being derived in this way, use the no form of this command. ip msdp [vrf vrf-name] originator-id interface-type interface-number no ip msdp [vrf vrf-name] originator-id interface-type interface-number Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. interface-type interface-number Interface type and number on the local router whose IP address is used as the rendezvous-point address in source-active messages. Defaults The rendezvous-point address is used as the originator ID. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The ip msdp originator-id command identifies an interface type and number to be used as the rendezvous-point address in a source-active message. Use this command if you want to configure a logical rendezvous point. Because only rendezvous points and MSDP border routers originate source-active messages, you might need to change the ID used for this purpose. If both the ip msdp border sa-address and ip msdp originator-id commands are configured, the ip msdp originator-id command prevails. The address derived from the ip msdp originator-id command determines the address of the rendezvous point to be used in the source-active message. Examples This example shows how to configure the IP address of Ethernet interface 1 as the rendezvous-point address in source-active messages: Router(config)# ip msdp originator-id ethernet1 Router(config)# Related Commands Command Description ip msdp border Configures a router that borders a PIM sparse-mode region and dense-mode region to use MSDP. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-254 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp peer ip msdp peer To configure an MSDP peer, use the ip msdp peer command. To remove the peer relationship, use the no form of this command. ip msdp [vrf vrf-name] peer {peer-name | peer-address} [connect-source interface-type interface-number] [remote-as as-number] no ip msdp [vrf vrf-name] peer {peer-name | peer-address} Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-name | peer-address DNS name or IP address of the router that is to be the MSDP peer. connect-source interface-type (Optional) Specifies the interface type and number whose primary interface-number address becomes the source IP address for the TCP connection. remote-as as-number (Optional) Specifies the autonomous system number of the MSDP peer. Defaults No MSDP peer is configured. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The router specified should also be configured as a BGP neighbor. The interface-type is on the router being configured. If you are also using BGP peering with this MSDP peer, you should use the same IP address for MSDP that you used for BGP. However, you are not required to run BGP or multiprotocol BGP with the MSDP peer if there is a BGP or MBGP path between the MSDP peers. If there is no path, you must configure the ip msdp default-peer command. The remote-as as-number keyword and argument is used for display purposes only. A peer might appear to be in another autonomous system (other than the one it really resides in) when you have an MSDP peering session but do not have a BGP peer session with that peer. In this case, if the prefix of the peer is injected by another autonomous system, it displays as the autonomous system number of the peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-255 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp peer Examples This example shows how to configure the router at the IP address 224.108.1.2 as an MSDP peer to the local router. The neighbor belongs to autonomous system 109. Router(config)# ip msdp peer 224.108.1.2 connect-source ethernet 0 router bgp 110 network 224.108.0.0 neighbor 224.108.1.2 remote-as 109 neighbor 224.108.1.2 update-source ethernet 0 This example shows how to configure the router named router.cisco.com as an MSDP peer to the local router: Router(config)# ip msdp peer router.cisco.com Router(config)# This example shows how to configure the router named router.cisco.com to be an MSDP peer in autonomous system 109. The primary address of Ethernet interface 0 is used as the source address for the TCP connection. Router(config)# ip msdp peer router.cisco.com connect-source ethernet0 remote-as 109 Router(config)# Related Commands Command Description neighbor remote-as Adds an entry to the BGP or multiprotocol BGP neighbor table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-256 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp redistribute ip msdp redistribute To configure which (S,G) entries from the multicast routing table are advertised in source-active messages originated to MSDP peers, use the ip msdp redistribute command. To remove the filter, use the no form of this command. ip msdp [vrf vrf-name] redistribute [list access-list-name] [asn as-access-list-number] [route-map map-name] no ip msdp [vrf vrf-name] redistribute Syntax Description Defaults vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. list access-list-name (Optional) Specifies the standard or extended IP access-list number or name that controls which local sources are advertised and to which groups they send. asn as-access-list-number (Optional) Specifies the standard or extended IP access-list number; valid values are from 1 to 199. route-map map-name (Optional) Specifies the route-map name. The default settings are as follows: • If no portion of this command is configured, only local sources are advertised, provided that they send to groups for which the router is a rendezvous point. • If no portion of this command is configured and if the ip msdp border sa-address command is configured, all local sources are advertised. • If the ip msdp redistribute command is configured with no keywords, no multicast sources are advertised. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You must configure the as-access-list-number argument in the ip as-path command. This command affects source-active message origination, not source-active message forwarding. If you want to filter which source-active messages are forwarded to MSDP peers, use the ip msdp sa-filter in or ip msdp sa-filter out command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-257 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp redistribute The ip msdp redistribute command controls which (S,G) pairs the router advertises from the multicast routing table. By default, only sources within the local domain are advertised. Use the following guidelines for the ip msdp redistribute command: Examples • If you specify the list access-list-name keyword and argument only, you filter which local sources are advertised and to which groups are sent advertisements. The access list specifies a source address, source mask, group address, and group mask. • If you specify the asn as-access-list-number keyword and argument only, you advertise all sources sending to any group that pass through the autonomous system path access list. The autonomous system path access-list number refers to the ip as-path command, which specifies an access list. If you specify the asn 0 keywords, sources from all autonomous systems are advertised. The asn 0 keywords are useful when connecting dense-mode domains to a sparse-mode domain running MSDP, or when using MSDP in a router that is not configured with BGP. In these cases, you do not know if a source is local. • If you specify the route-map map-name keyword and argument only, you advertise all sources that satisfy the match criteria in the route map map-name argument. • If you specify all three keywords (list, asn, and route-map), all conditions must be true before any multicast source is advertised in a source-active message. • If you specify the ip multicast redistribute command with no other keywords or arguments, no multicast sources are advertised. This example shows how to configure which (S,G) entries from the multicast routing table are advertised in source-active messages originated to MSDP peers: Router(config)# ip msdp redistribute route-map customer-sources route-map customer-sources permit match as-path customer-as Router(config)# ip as-path access-list ^109$ Related Commands Command Description ip as-path Defines a BGP autonomous system path access list. ip msdp border Configures a router that borders a PIM sparse-mode region and dense-mode region to use MSDP. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-258 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp sa-filter in ip msdp sa-filter in To configure an incoming filter list for source-active messages received from the specified MSDP peer, use the ip msdp sa-filter in command. To remove the filter, use the no form of this command. ip msdp [vrf vrf-name] sa-filter in {peer-address | peer-name} [list access-list-name] [route-map map-name] no ip msdp [vrf vrf-name] sa-filter in {peer-address | peer-name} [list access-list-name] [route-map map-name] Syntax Description Defaults vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address | peer-name IP address or name of the MSDP peer from which the source-active messages are filtered. list access-list-name (Optional) Specifies the IP access-list number or name. route-map map-name (Optional) Specifies the route-map name. The default settings are as follows: • If this command is not configured, no incoming messages are filtered; all source-active messages are accepted from the peer. • If the command is configured, but no access list or route map is specified, all source/group pairs from the peer are filtered. • If both the list and route-map keywords are used, all conditions must be true to pass any (S,G) pair in incoming source-active messages. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not specify an access-list-name, all source/group pairs from the peer are filtered. The specified MSDP peer passes only those source-active messages that meet the match criteria in the route map map-name argument. If all match criteria are true, a permit keyword from the route map passes the routes through the filter. Use the deny keyword to filter the routes. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-259 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp sa-filter in Examples This example shows how to configure the router to filter all source-active messages from the peer named router.cisco.com: Router(config)# ip msdp peer router.cisco.com connect-source ethernet 0 Router(config)# ip msdp sa-filter in router.cisco.com Router(config)# Related Commands Command Description ip msdp peer Configures an MSDP peer. ip msdp sa-filter out Configures an outgoing filter list for source-active messages sent to the specified MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-260 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp sa-filter out ip msdp sa-filter out To configure an outgoing filter list for source-active messages sent to the specified MSDP peer, use the ip msdp sa-filter out command. To remove the filter, use the no form of this command. ip msdp [vrf vrf-name] sa-filter out {peer-address | peer-name} [list access-list-name] [route-map map-name] no ip msdp [vrf vrf-name] sa-filter out {peer-address | peer-name} [list access-list-name] [route-map map-name] Syntax Description Defaults vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address | peer-name IP address or DNS name of the MSDP peer to which the source-active messages are filtered. list access-list (Optional) Specifies the extended IP access-list number or name. route-map map-name (Optional) Specifies the route map name. The default settings are as follows: • If this command is not configured, no outgoing messages are filtered; all source-active messages received are forwarded to the peer. • If the command is configured, but no access list or route map is specified, all source/group pairs are filtered. • If both the list and route-map keywords are used, all conditions must be true to pass any (S,G) pairs in outgoing source-active messages. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not specify an access-list, all source/group pairs are filtered. The specified MSDP peer passes only those source-active messages that pass the extended access list. If both the list and route-map keywords are used, all conditions must be true to pass any (S,G) pairs in outgoing source-active messages. To the specified MSDP peer, only those source-active messages that meet the match criteria in the route map map-name argument are passed. If all match criteria are true, a permit keyword from the route map passes routes through the filter. Use the deny keyword to filter the routes. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-261 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp sa-filter out Examples This example shows how to allow only (S,G) pairs that pass access list 100 to be forwarded in a source-active message to the peer named router.cisco.com: Router(config)# ip msdp peer router.cisco.com connect-source ethernet 0 Router(config)# ip msdp sa-filter out router.cisco.com list 100 access-list 100 permit ip 224.69.0.0 0.0.255.255 224.2.0.0 0.0.255.255 Related Commands Command Description ip msdp peer Configures an MSDP peer. ip msdp sa-filter in Configures an incoming filter list for source-active messages received from the specified MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-262 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp sa-request ip msdp sa-request To configure the router to send source active request messages to the MSDP peer when a new joiner from the group becomes active, use the ip msdp sa-request command. To prevent this action, use the no form of this command. ip msdp [vrf vrf-name] sa-request {peer-address | peer-name} no ip msdp [vrf vrf-name] sa-request {peer-address | peer-name} Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address | peer-name IP address or name of the MSDP peer from which the local router requests source-active messages when a new joiner for the group becomes active. Defaults The router does not send source-active request messages to the MSDP peer. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines By default, the router does not send any source-active request messages to its MSDP peers when a new member joins a group and wants to receive multicast traffic. The new member waits to receive any source-active messages that eventually arrive. Use this command if you want a new member of a group to learn the current, active multicast sources in a connected PIM-SM domain that are sending to a group. The router sends source-active request messages to the specified MSDP peer when a new member joins a group. The peer replies with the information in its source-active cache. If the peer does not have a cache configured, this command does not work. You can also use the ip msdp cache-sa-state command to have the router cache messages. Examples This example shows how to configure the router to send source-active request messages to the MSDP peer at 224.69.1.1: Router(config)# ip msdp sa-request 224.69.1.1 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-263 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp sa-request Related Commands Command Description ip msdp cache-sa-state Creates a source-active state on the router. ip msdp peer Configures an MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-264 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp shutdown ip msdp shutdown To administratively shut down a configured MSDP peer, use the ip msdp shutdown command. To bring the peer back up, use the no form of this command. ip msdp [vrf vrf-name] shutdown {peer-address | peer-name} no ip msdp [vrf vrf-name] shutdown {peer-address | peer-name} Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address | peer-name IP address or name of the MSDP peer to shut down. Defaults No action is taken to shut down an MSDP peer. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to shut down the MSDP peer at the IP address 224.5.7.20: Router(config)# ip msdp shutdown 224.5.7.20 Router(config)# Related Commands Command Description ip msdp peer Configures an MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-265 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip msdp ttl-threshold ip msdp ttl-threshold To limit which multicast data packets are sent in source-active messages to an MSDP peer, use the ip msdp ttl-threshold command. To restore the default value, use the no form of this command. ip msdp [vrf vrf-name] ttl-threshold {peer-address | peer-name} ttl-value no ip msdp [vrf vrf-name] ttl-threshold {peer-address | peer-name} Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address | peer-name IP address or name of the MSDP peer to which the ttl-value argument applies. ttl-value Time-to-live (TTL) value; valid values are from 0 to 255. Defaults ttl-value is 0. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command limits which multicast data packets are sent in data-encapsulated source-active messages. Only multicast packets with an IP header TTL greater than or equal to the ttl-value argument are sent to the MSDP peer that is specified by the IP address or name. Use this command if you want to use TTL to limit your multicast data traffic. For example, you could limit internal traffic to a TTL of 8. If you want other groups to go to external locations, you need to send those packets with a TTL greater than 8. The default value of the ttl-value argument is 0, which means that all multicast data packets are forwarded to the peer until the TTL is exhausted. Examples This example shows how to configure a TTL threshold of eight hops: Router(config)# ip msdp ttl-threshold 224.5.7.20 8 Router(config)# Related Commands Command Description ip msdp peer Configures an MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-266 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast boundary ip multicast boundary To configure an administratively scoped boundary, use the ip multicast boundary command. To remove the boundary, use the no form of this command. ip multicast boundary access-list [filter-autorp] no ip multicast boundary access-list [filter-autorp] Syntax Description access-list Number or name that identifies an access list that controls the range of group addresses affected by the boundary. filter-autorp (Optional) Filters auto RP messages denied by the boundary ACL. Defaults There is no boundary. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Use this command to configure an administratively scoped boundary on an interface to filter the multicast group addresses in the range that is defined by the access-list argument. A standard access list defines the range of addresses affected. When you configure this command, multicast data packets are not allowed to flow across an interface from either direction. Restricting the multicast data packet flow enables reuse of the same multicast group address in different administrative domains. Extended access lists are not allowed with the filter-autorp keyword or the use of no keywords. If you configure the filter-autorp keyword, the administratively scoped boundary also examines Auto-RP discovery and announcement messages and removes any Auto-RP group range announcements from the Auto-RP packets that are denied by the boundary ACL. An Auto-RP group range announcement is permitted and passed by the boundary only if all addresses in the Auto-RP group range are permitted by the boundary ACL. If any address is not permitted, the entire group range is filtered and removed from the Auto-RP message before the Auto-RP message is forwarded. Use the following guidelines when you enter the ip multicast boundary command: • Only standard access lists are permitted with the use of the filter-autorp keyword or no keyword. • All instances of the command apply to both control and data plane traffic. • Protocol information on the extended access list is parsed to allow reuse and filtering for IOS consistency. An (S,G) operation will be filtered by an extended access list under all conditions stated above for keywords if the access list filters (S,G) traffic for all protocols. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-267 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast boundary Examples This example shows how to set up a boundary for all administratively scoped addresses: Router(config-if)# ip multicast boundary 1 Router(config-if)# This example shows how to set up a boundary for an extended ACL: Router(config-if)# ip multicast boundary 101 Router(config-if)# This example shows how to filter auto RP messages denied by the boundary ACL. Router(config-if)# ip multicast boundary acc_grp10 filter-autorp Router(config-if)# Related Commands Command Description access-list (IP standard) Defines a standard IP access list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-268 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast cache-headers ip multicast cache-headers To allocate a circular buffer to store IP multicast packet headers that the router receives, use the ip multicast cache-headers command. To remove the buffer, use the no form of this command. ip multicast [vrf vrf-name] cache-headers [rtp] no ip multicast [vrf vrf-name] cache-headers Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. rtp (Optional) Caches RTP headers. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note You can store IP multicast packet headers in a cache and then display them to determine the following information: • Who is sending IP multicast packets to which groups • Interpacket delay • Duplicate IP multicast packets (if any) • Multicast forwarding loops in your network (if any) • Size of the group • UDP port numbers • Packet length This command allocates a circular buffer of approximately 32 KB. Do not configure this command if you are low on memory. Use the show ip mpacket command to display the buffer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-269 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast cache-headers Examples This example shows how to allocate a buffer to store IP multicast packet headers: Router(config)# ip multicast cache-headers Router(config)# Related Commands Command Description show ip mpacket Displays the contents of the circular cache-header buffer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-270 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast helper-map ip multicast helper-map To allow IP multicast routing in a multicast-capable internetwork between two broadcast-only internetworks, use the ip multicast helper-map command. To disable this function, use the no form of this command. ip multicast helper-map broadcast multicast-address access-list [ttl x] no ip multicast helper-map broadcast multicast-address access-list Syntax Description broadcast Specifies that the traffic is being converted from broadcast to multicast. Use this keyword with the multicast-address argument. multicast-address IP multicast address to which the converted traffic is directed. Use this argument with the broadcast keyword. access-list IP-extended access-list number or name that controls which broadcast packets are translated, based on the UDP port number. ttl x (Optional) Translates packets with a TTL of 1 and resets the TTL; valid values are from 1 to 50. Defaults No conversion between broadcast and multicast occurs. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When a multicast-capable internetwork is between two broadcast-only internetworks, you can convert the broadcast traffic to multicast at the first-hop router, and convert it back to broadcast at the last-hop router before delivering the packets to the broadcast clients. However, broadcast packets with the IP source address of 0.0.0.0 (such as a DHCP request) are not translated to any multicast group. If you send a directed broadcast to the subnet, the outgoing interface of the last-hop router can be configured with an IP broadcast address of x.x.x.255, where x.x.x.0 is the subnet that you are trying to reach; otherwise, the packet is converted to 255.255.255.255. Broadcast packets with a TTL of 1 are not translated by the ip multicast helper-map command unless you use the ttl keyword with the command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-271 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast helper-map Examples This example shows how to allow IP multicast routing in a multicast-capable internetwork between two broadcast-only internetworks: Router(config-if)# ip multicast helper-map broadcast 224.5.5.5 120 ttl 2 Router(config-if)# Related Commands Command Description ip directed-broadcast Enables the translation of a directed broadcast to physical broadcasts. ip forward-protocol turbo-flood Speeds up the flooding of UDP packets using the spanning-tree algorithm. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-272 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast mrinfo-filter ip multicast mrinfo-filter To filter multicast router information (mrinfo) request packets, use the ip multicast mrinfo-filter command. To disable this configuration, use the no form of this command. ip multicast mrinfo-filter access-list no ip multicast mrinfo-filter access-list Syntax Description access-list Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Access list of the source IP address to be filtered. Usage Guidelines The ip multicast mrinfo-filter command filters the mrinfo request packets for all of the sources listed in the specified access list. Examples This example shows how to specify that mrinfo request packets are filtered for all sources that are listed in access-list number 4: Router(config)# ip multicast mrinfo-filter 4 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-273 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast multipath ip multicast multipath To split the load of IP multicast traffic across multiple equal-cost paths, use the ip multicast multipath command. To disable this configuration, use the no form of this command. ip multicast [vrf vrf-name] multipath no ip multicast [vrf vrf-name] multipath Syntax Description vrf vrf-name Defaults If multiple equal-cost paths exist, multicast traffic will not be split across these paths. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. Usage Guidelines If you enter the ip multicast multipath command and multiple equal-cost paths exist in your network, load splitting will occur across the equal-cost paths for multicast traffic from different sources to the same multicast group, but not for traffic from the same source to different multicast groups. Because this command changes the way a RPF neighbor is selected, you must split the load of IP multicast traffic across equal-cost paths consistently on all routers in a redundant topology to avoid looping. Examples This example shows how to split the load of IP multicast traffic across multiple equal-cost paths: Router(config)# ip multicast multipath Router(config)# Related Commands Command Description show ip rpf Displays the triggered RPF statistics. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-274 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast netflow ip multicast netflow To enable multicast egress or ingress NetFlow accounting on an interface, use the ip multicast netflow command. To disable multicast NetFlow accounting, use the no form of this command. ip multicast netflow {egress | ingress} no ip multicast netflow {egress | ingress} Syntax Description Defaults egress Specifies multicast egress NetFlow accounting. ingress Specifies multicast ingress NetFlow accounting. The defaults are as follows: • Multicast egress NetFlow accounting is disabled. • Multicast ingress NetFlow accounting is enabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The output of the show running-config command does not indicate when multicast ingress accounting is enabled (but it does indicate when multicast ingress NetFlow accounting is disabled). You must enable multicast egress NetFlow accounting on all interfaces for which you want to count outgoing multicast stream. To display the multicast entries, enter the show mls netflow ip command. Examples This example shows how to enable multicast ingress NetFlow accounting on the ingress Ethernet 1/0 interface: Router# configure terminal Router(config)# interface ethernet 1/0 Router(config-if)# ip multicast netflow ingress Router(config-if)# end Related Commands Command Description ip multicast netflow rpf-failure Enables NetFlow accounting for multicast data that fails the RPF check. show ip flow interfaces Displays NetFlow accounting configuration on interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-275 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast route-limit ip multicast route-limit To limit the number of multicast routes (mroutes) that can be added to a multicast routing table, use the ip multicast route-limit command. To disable this configuration, use the no form of this command. ip multicast [vrf vrf-name] route-limit limit [threshold] no ip multicast [vrf vrf-name] route-limit limit [threshold] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. limit Number of mroutes that can be added; valid values are from 1 to 2147483647. threshold (Optional) Number of mroutes that cause a warning message to occur; valid values are from 1 to 2147483647. Defaults limit is 2147483647. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The ip multicast route-limit command limits the number of multicast routes that can be added to a router and generates an error message when the limit is exceeded. If you set the threshold argument, a threshold error message is generated when the threshold is exceeded, and the message continues to occur until the number of mroutes reaches the limit set by the limit argument. The mroute warning threshold must not exceed the mroute limit. Examples This example shows how to set the mroute limit at 200,000 and the threshold at 20,000 for a VRF instance named cisco: Router(config)# ip multicast vrf cisco route-limit 200000 20000 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-276 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast-routing ip multicast-routing To enable IP multicast routing, use the ip multicast-routing command. To disable IP multicast routing, use the no form of this command. ip multicast-routing [vrf vrf-name] [distributed] no ip multicast-routing [vrf vrf-name] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. distributed (Optional) Enables MDS. Defaults This command is disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When IP multicast routing is disabled, no multicast packets are forwarded. Examples This example shows how to enable IP multicast routing: Router(config)# ip multicast-routing Router(config)# This example shows how to enable IP multicast routing on a specific VRF: Router(config)# ip multicast-routing vrf vrf1 Router(config)# This example shows how to disable IP multicast routing: Router(config)# no ip multicast-routing Router(config)# Related Commands Command Description ip pim Enables PIM on an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-277 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast rpf backoff ip multicast rpf backoff To set the PIM-backoff interval, use the ip multicast rpf backoff command. To return to the default settings, use the no form of this command. ip multicast rpf backoff {{min max} | disable} no ip multicast rpf backoff Syntax Description Defaults min Initial RPF-backoff delay in milliseconds; valid values are from 1 to 65535 milliseconds. max Maximum RPF-backoff delay in milliseconds; valid values are from 1 to 65535 milliseconds. disable Disables the triggered RPF check. If you enable the triggered RPF check, the defaults are as follows: • min is 500 milliseconds. • max is 5000 milliseconds. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not enable the triggered RPF check, PIM periodically polls the routing tables for changes (set using the ip multicast rpf interval command). When you enable the triggered RPF check, PIM polls the routing tables when a change in the routing tables occurs. The min argument sets the initial backoff time. Once triggered, PIM waits for additional routing table changes. If the min period expires without further routing table changes, PIM scans for routing changes. If additional routing changes occur during the backoff period, PIM doubles the length of the backoff period. You can set the maximum interval for the doubled backoff period with the max argument. Use this command in the following situation: • You have frequent route changes in your device (for example, on a dial-in router). • You want to either reduce the maximum RPF-check interval for faster availability of IP multicast on newly established routes, or you want to increase the RPF-check interval to reduce the CPU load that is introduced by the RPF check. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-278 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast rpf backoff Examples This example shows how to set the PIM-backoff interval in milliseconds: Router(config)# ip multicast rpf backoff 100 Router(config)# Related Commands Command Description ip multicast rpf interval Sets the RPF consistency-check interval. show ip rpf events Displays the triggered RPF statistics. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-279 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip multicast rpf interval ip multicast rpf interval To set the RPF consistency-check interval, use the ip multicast rpf interval command. To return to the default settings, use the no form of this command. ip multicast rpf interval interval no ip multicast rpf interval Syntax Description interval Defaults 10 seconds Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Interval in seconds between RPF checks; valid values are from 1 to 10 seconds. Usage Guidelines The ip multicast rfp interval command sets the interval PIM and polls the routing tables for changes. Examples This example shows how to set the RPF consistency-check interval in seconds: Router(config)# ip multicast rpf interval 5 Router(config)# Related Commands Command Description ip multicast rpf backoff Sets the PIM-backoff interval. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-280 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim accept-register ip pim accept-register To configure a candidate rendezvous-point router to filter PIM register messages, use the ip pim accept-register command. To disable this function, use the no form of this command. ip pim [vrf vrf-name] accept-register {list access-list | route-map map-name} no ip pim [vrf vrf-name] accept-register {list access-list | route-map map-name} Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. list access-list Specifies the extended access-list number or name. route-map map-name Specifies the route-map name. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use this command to prevent unauthorized sources from registering with the rendezvous point. If an unauthorized source sends a register message to the rendezvous point, the rendezvous point immediately sends a register-stop message. Examples This example shows how to restrict the rendezvous point from allowing sources in the SSM range of addresses to register with the rendezvous point. These statements need to be configured only on the rendezvous point. Router(config)# ip pim accept-register list no-ssm-range Router(config)# ip access-list extended no-ssm-range deny ip any 232.0.0.0 0.255.255.255 permit ip any any Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-281 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim accept-rp ip pim accept-rp To configure a router to accept join or prune messages that are destined for a specified rendezvous point and for a specific list of groups, use the ip pim accept-rp command. To remove the check, use the no form of this command. ip pim [vrf vrf-name] accept-rp {rp-address | auto-rp} [access-list] no ip pim [vrf vrf-name] accept-rp {rp-address | auto-rp} [access-list] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. rp-address Address of the rendezvous point that is allowed to send join messages to groups in the range specified by the group access list. auto-rp Specifies that join and register messages are accepted only for rendezvous points that are in the Auto-RP cache. access-list (Optional) Access-list number or name that defines which groups are subject to the check. Defaults Disabled—All join messages and prune messages are processed. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command causes the router to accept only (*, G) join messages that are destined for the specified rendezvous-point address. Additionally, the group address must be in the range specified by the access list. When the rp-address argument is one of the addresses of the system, the system is the rendezvous point only for the specified group range specified by the access list. When the group address is not in the group range, the rendezvous point does not accept join or register messages and responds immediately to register messages with register-stop messages. Examples This example shows how to configure the router to accept join or prune messages that are destined for the rendezvous point at address 172.17.1.1 for the multicast group 224.2.2.2: Router(config)# ip pim accept-rp 172.17.1.1 3 access-list 3 permit 224.2.2.2 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-282 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim accept-rp Related Commands Command Description access-list (IP standard) Defines a standard IP access list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-283 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim bidir-enable ip pim bidir-enable To enable bidir-PIM, use the ip pim bidir-enable command. To disable bidir-PIM, use the no form of this command. ip pim [vrf vrf-name] bidir-enable no ip pim [vrf vrf-name] bidir-enable Syntax Description vrf vrf-name Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. When bidir-PIM is disabled, the switch operates similarly to a router without bidir-PIM support. The following conditions apply: • PIM hello messages that are sent by the router do not contain the bidirectional mode option. • The router does not send designated forwarder election messages and ignores designated forwarder election messages that are received. • The ip pim rp-address, ip pim send-rp-announce, and ip pim rp-candidate commands are treated as follows: – If these commands are configured when bidir-PIM is disabled, bidirectional mode is not a configuration option. – If these commands are configured with the bidirectional mode option when bidir-PIM is enabled and then bidir-PIM is disabled, these commands are removed from the CLI. You must enter these commands again with the bidirectional-mode option when you reenable bidir-PIM. • Examples The df keyword for the show ip pim interface command is not supported. This example shows how to enable bidir-PIM: Router(config)# ip pim bidir-enable Router(config)# This example shows how to disable bidir-PIM: Router(config)# no ip pim bidir-enable Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-284 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim bidir-enable Related Commands Command Description ip pim rp-address Configures the address of a PIM rendezvous point for a particular group. ip pim rp-candidate Configures the router to advertise itself as a PIM Version 2 rendezvous-point candidate to the BSR. ip pim send-rp-announce Uses Auto-RP to configure groups for which the router acts as a rendezvous point. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-285 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim bsr-candidate ip pim bsr-candidate To configure the router to announce its candidacy as a BSR, use the ip pim bsr-candidate command. To remove this router as a candidate bootstrap router, use the no form of this command. ip pim [vrf vrf-name] bsr-candidate interface-type interface-number [hash-mask-length] [priority] no ip pim [vrf vrf-name] bsr-candidate Syntax Description Defaults vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. interface-type interface-number Interface type and number on this router from which the BSR address is derived to make it a candidate. hash-mask-length (Optional) Length of a mask (32 bits maximum) that is to be ANDed with the group address before the hash function is called. priority (Optional) BSR priority; valid values are from 0 to 255. The default settings are as follows: • Disabled. • If enabled, the priority is 0. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command causes the router to send bootstrap messages to all its PIM neighbors with the address of the designated interface as the BSR address. Each neighbor compares the BSR address with the address it had from previous bootstrap messages (not necessarily received on the same interface). If the current address is the same or higher address, it caches the current address and forwards the bootstrap message. Otherwise, the router drops the bootstrap message. This router continues to be the BSR until it receives a bootstrap message from another candidate BSR saying that it has a higher priority (or if the same priority, a higher IP address). Use this command only in backbone routers that have good connectivity to all parts of the PIM domain. A stub router that relies on an on-demand dialup link to connect to the rest of the PIM domain is not a good BSR candidate. You must enable the interface-type with PIM. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-286 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim bsr-candidate When setting the hash-mask-length argument, all groups with the same seed hash correspond to the same rendezvous point. For example, if this value is 24, only the first 24 bits of the group addresses are applicable; using this setting allows you to get one rendezvous point for multiple groups. When setting the priority, the BSR with the larger priority is preferred. If the priority values are the same, the router with the larger IP address is the BSR. Examples This example shows how to configure the IP address of the router on Ethernet interface 0 to be a candidate BSR with a priority of 10: Router(config)# ip pim bsr-candidate ethernet 0 10 Router(config)# Related Commands Command Description ip pim bsr border Prevents BSR messages from being sent or received through an interface. ip pim rp-candidate Configures the router to advertise itself as a PIM Version 2 rendezvous-point candidate to the BSR. ip pim send-rp-discovery Configures the router as a rendezvous-point mapping agent. show ip pim bsr Displays the BSR information. show ip pim rp Displays active rendezvous points that are cached with associated multicast routing entries. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-287 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim register-rate-limit ip pim register-rate-limit To set a limit on the maximum number of PIM-SM register messages that are sent per second for each (S,G) routing entry, use the ip pim register-rate-limit command. To disable this limit, use the no form of this command. ip pim [vrf vrf-name] register-rate-limit rate no ip pim [vrf vrf-name] register-rate-limit Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. rate Maximum number of register messages that are sent per second by the router; valid values are from 1 to 65535 messages per second. Defaults No limit is defined. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use this command to limit the number of register messages that the designated router allows for each (S,G) entry. Enabling this command limits the load on the designated router and rendezvous point but drops those register messages that exceed the set limit. Receivers may experience data packet loss within the first second in which register messages are sent from bursty sources. If you enter the ip pim dense-mode proxy-register command, then you must enter the ip pim register-rate-limit command because of the potentially large number of sources from the dense-mode area that may send data into the sparse-mode region (and need registering in the border router). This command applies only to sparse mode (S,G) multicast routing entries. Examples This example shows how to set a limit on PIM-SM register messages with a maximum rate of two register messages per second: Router(config)# ip pim register-rate-limit 2 Router(config)# Related Commands Command Description ip pim Enables PIM on an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-288 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim register-source ip pim register-source To configure the IP source address of a register message to an interface address other than the outgoing interface address of the designated router leading toward the rendezvous point, use the ip pim register-source command. To disable this configuration, use the no form of this command. ip pim [vrf vrf-name] register-source interface-type interface-number no ip pim [vrf vrf-name] register-source Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. interface-type interface-number Interface type and interface number that identify the IP source address of a register message. Defaults The IP address of the outgoing interface of the designated router leading toward the rendezvous point is used as the IP source address of a register message. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is required only when the IP source address of a register message is not a uniquely routed address to which the rendezvous point can send packets. This situation may occur if the source address is filtered so that packets sent to it are not forwarded or if the source address is not unique to the network. In these cases, the replies sent from the rendezvous point to the source address fail to reach the designated router and result in PIM-SM protocol failures. If you do not configure an IP source address or if the configured source address is not in service, the IP address of the outgoing interface of the designated router leading to the rendezvous point is used as the IP source address of the register message. We recommend that you use a loopback interface with an IP address that is uniquely routed throughout the PIM-SM domain. Examples This example shows how to configure the IP source address of the register message to the loopback 3 interface of a designated router: Router(config)# ip pim register-source loopback 3 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-289 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim rp-announce-filter ip pim rp-announce-filter To filter incoming Auto-RP announcement messages coming from the rendezvous point, use the ip pim rp-announce-filter command. To remove the filter, use the no form of this command. ip pim [vrf vrf-name] rp-announce-filter rp-list access-list group-list access-list no ip pim [vrf vrf-name] rp-announce-filter rp-list access-list group-list access-list Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. rp-list access-list Specifies the number or name of a standard access list of rendezvous-point addresses that are allowable for the group ranges supplied in the group-list access-list combination. group-list access-list Specifies the number or name of a standard access list that describes the multicast groups that the RPs serve. Defaults All rendezvous-point announcements are accepted. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Configure this command on the PIM rendezvous-point mapping agent. We recommend that if you use more than one rendezvous-point mapping agent, make the filters among them consistent so that there are no conflicts in the mapping state when the announcing agent is removed. Examples This example shows how to configure the router to accept rendezvous-point announcements from rendezvous points in access list 1 for group ranges that are described in access list 2: Router(config)# ip pim rp-announce-filter rp-list 1 group-list 2 Router(config)# Related Commands Command Description access-list (IP standard) Defines a standard IP access list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-290 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim rp-candidate ip pim rp-candidate To configure the router to advertise itself as a PIM Version 2 rendezvous-point candidate to the BSR, use the ip pim rp-candidate command. To remove this router as a rendezvous-point candidate, use the no form of this command. ip pim [vrf vrf-name] rp-candidate interface-type interface-number [group-list access-list] [bidir] no ip pim [vrf vrf-name] rp-candidate Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. interface-type interface-number IP address associated with this interface type and number is advertised as a candidate rendezvous-point address. group-list access-list (Optional) Specifies the standard IP access-list number or name that defines the group prefixes that are advertised with the rendezvous-point address. bidir (Optional) Indicates that the multicast groups that are specified by the access-list argument operate in bidirectional mode. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command causes the router to send a PIM Version 2 message advertising itself as a rendezvous-point candidate to the BSR. The addresses allowed by the access list, together with the router identified by the type and number, constitute the rendezvous point and its range of addresses for which it is responsible. Use this command only in backbone routers that have good connectivity to all parts of the PIM domain. A stub router that relies on an on-demand dialup link to connect to the rest of the PIM domain is not a good rendezvous-point candidate. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-291 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim rp-candidate Use this command with the bidir keyword when you want bidirectional forwarding and you are using the PIM Version 2 BSR mechanism to distribute group-to-rendezvous point mappings. Other options are as follows: • If you are using Auto-RP to distribute group-to-rendezvous point mappings, use the bidir keyword with the ip pim send-rp-announce command. • If you are not distributing group-to-rendezvous point mappings using either Auto-RP or the PIM Version 2 BSR mechanism, use the bidir keyword with the ip pim rp-address command. The access-list name cannot contain a space or quotation mark and must begin with an alphabetic character to avoid confusion with numbered access lists. If you enter this command without the bidir keyword, the groups that are specified operate in PIM sparse mode. Examples This example shows how to configure the router to advertise itself as a rendezvous-point candidate to the BSR in its PIM domain. Standard access-list number 4 specifies the group prefix that is associated with the rendezvous point that has the address identified by Ethernet interface 2. That rendezvous point is responsible for the groups with the prefix 239. Router(config)# ip pim rp-candidate 192.168.37.33 ethernet 2 group-list 4 access-list 4 permit 239.0.0.0 0.255.255.255 Router(config)# Related Commands Command Description ip pim bsr-candidate Configures the router to announce its candidacy as a BSR. ip pim rp-announce-filter Filters incoming Auto-RP announcement messages coming from the rendezvous point. ip pim send-rp-announce Uses Auto-RP to configure groups for which the router acts as a rendezvous point. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-292 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim send-rp-announce ip pim send-rp-announce To use Auto-RP to configure groups for which the router will act as a rendezvous point, use the ip pim send-rp-announce command. To deconfigure this router as a rendezvous point, use the no form of this command. ip pim [vrf vrf-name] send-rp-announce interface-type interface-number scope ttl-value [group-list access-list] [interval seconds] [bidir] no ip pim [vrf vrf-name] send-rp-announce Syntax Description Defaults vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. interface-type interface-number Interface type and number that is used to define the rendezvous-point address. scope ttl-value Time-to-live (TTL) value that limits the number of Auto-RP announcements; valid values are from 1 to 255. group-list access-list (Optional) Specifies the standard IP access-list number or name that defines the group prefixes that are advertised in association with the rendezvous-point address. interval seconds (Optional) Specifies the interval between rendezvous-point announcements in seconds; valid values are from 1 to 16383 seconds. bidir (Optional) Indicates that the multicast groups that are specified by the access-list argument operate in bidirectional mode. The default settings are as follows: • Auto-RP is disabled. • If enabled, the seconds is 60 seconds. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use this command in the router that you want as a rendezvous point. When you are using Auto-RP to distribute group-to-rendezvous point mappings, this command causes the router to send an Auto-RP announcement message to the well-known group CISCO-RP-ANNOUNCE (224.0.1.39). This message announces the router as a rendezvous-point candidate for the groups in the range that are described by the access list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-293 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim send-rp-announce Use this command with the bidir keyword when you want bidirectional forwarding and you are using Auto-RP to distribute group-to-rendezvous point mappings. Other options are as follows: • If you are using the PIM Version 2 bootstrap router (PIMv2 BSR) mechanism to distribute group-to-rendezvous point mappings, use the bidir keyword with the ip pim rp-candidate command. • If you are not distributing group-to-rendezvous point mappings using either Auto-RP or the PIMv2 BSR mechanism, use the bidir keyword with the ip pim rp-address command. If you enter this command without the bidir keyword, the specified groups operate in PIM-SM. The access-list name cannot contain a space or quotation mark and must begin with an alphabetic character to avoid confusion with numbered access lists. The total holdtime of the rendezvous-point announcements is automatically set to three times the value of the interval. Examples This example shows how to send rendezvous-point announcements out all PIM-enabled interfaces for a maximum of 31 hops. The IP address by which the router wants to be identified as a rendezvous point is the IP address that is associated with Ethernet interface 0. Access list 5 describes the groups for which this router serves as a rendezvous point. Router(config)# ip pim send-rp-announce ethernet0 scope 31 group-list 5 access-list 5 permit 224.0.0.0 15.255.255.255 Related Commands Command Description access-list (IP standard) Defines a standard IP access list. ip pim rp-address Configures the address of a PIM rendezvous point for a particular group. ip pim rp-candidate Configures the router to advertise itself as a PIM Version 2 rendezvous-point candidate to the BSR. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-294 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim send-rp-discovery ip pim send-rp-discovery To configure the router as a rendezvous-point mapping agent, use the ip pim send-rp-discovery command. To restore the default value, use the no form of this command. ip pim [vrf vrf-name] send-rp-discovery [interface-type interface-number] scope ttl-value no ip pim [vrf vrf-name] send-rp-discovery Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. interface-type interface-number (Optional) Interface type and number that is used to define the rendezvous-point mapping agent address. scope ttl-value Specifies the time-to-live (TTL) value in the IP header that keeps the discovery messages within this number of hops; valid values are from 1 to 255. Defaults The router is not a rendezvous-point mapping agent. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Configure this command on the router that is designated as a rendezvous-point mapping agent. Specify a TTL large enough to cover your PIM domain. When Auto-RP is used, the following occurs: Examples 1. The rendezvous-point mapping agent listens on well-known group address CISCO-RP-ANNOUNCE (224.0.1.39), to which rendezvous-point candidates send. 2. The rendezvous-point mapping agent sends rendezvous point-to-group mappings in an Auto-RP rendezvous point discovery message to the well-known group CISCO-RP-DISCOVERY (224.0.1.40). The TTL value limits how many hops that the message can take. 3. PIM-designated routers listen to this group and use the rendezvous points that they learn about from the discovery message. This example shows how to limit Auto-RP rendezvous-point discovery messages to 20 hops: Router(config)# ip pim send-rp-discovery scope 20 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-295 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim snooping (global configuration mode) ip pim snooping (global configuration mode) To enable PIM snooping globally, use the ip pim snooping command. To disable PIM snooping globally, use the no form of this command. ip pim snooping no ip pim snooping Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines PIM snooping is not supported on groups that are connected to the reserved MAC address range (for example, 0100.5e00.00xx). When you disable PIM snooping globally, PIM snooping is disabled on all VLANs. Examples This example shows how to enable PIM snooping globally: Router(config)# ip pim snooping Router(config)# This example shows how to disable PIM snooping globally: Router(config)# no ip pim snooping Router(config)# Related Commands Command Description show ip pim snooping Displays the information about IP PIM snooping. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-296 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim snooping (interface configuration mode) ip pim snooping (interface configuration mode) To enable PIM snooping on an interface, use the ip pim snooping command. To disable PIM snooping on an interface, use the no form of this command. ip pim snooping no ip pim snooping Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines PIM snooping is not supported on groups that are connected to the reserved MAC address range (for example, 0100.5e00.00xx). You must enable PIM snooping globally before enabling PIM snooping on an interface. When you disable PIM snooping globally, PIM snooping is disabled on all VLANs. You can enable PIM snooping on VLAN interfaces only. Examples This example shows how to enable PIM snooping on a VLAN interface: Router(config)# interface vlan 101 Router(config-if)# ip pim snooping Router(config-f)# This example shows how to disable PIM snooping on a VLAN interface: Router(config-if)# no ip pim snooping Router(config-f)# Related Commands Command Description show ip pim snooping Displays information about IP PIM snooping. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-297 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim snooping dr-flood ip pim snooping dr-flood To enable flooding of the packets to the designated router, use the ip pim snooping dr-flood command. To disable the flooding of the packets to the designated router, use the no form of this command. ip pim snooping dr-flood no ip pim snooping dr-flood Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines PIM snooping is not supported on groups that are connected to the reserved MAC address range (for example, 0100.5e00.00xx). Enter the no ip pim snooping dr-flood command only on switches that have no designated routers attached. The designated router is programmed automatically in the (S,G) O-list. Examples This example shows how to enable flooding of the packets to the designated router: Router(config)# ip pim snooping dr-flood Router(config)# This example shows how to disable flooding of the packets to the designated router: Router(config)# no ip pim snooping dr-flood Router(config)# Related Commands Command Description show ip pim snooping Displays information about IP PIM snooping. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-298 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim spt-threshold ip pim spt-threshold To configure when a PIM leaf router should join the shortest path source tree for the specified group, use the ip pim spt-threshold command. To restore the default value, use the no form of this command. ip pim [vrf vrf-name] spt-threshold {kbps | infinity} [group-list access-list] no ip pim [vrf vrf-name] spt-threshold Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. kbps Traffic rate; valid values are from 0 to 4294967 kbps. infinity Causes all sources for the specified group to use the shared tree. group-list access-list (Optional) Specifies the groups to which the threshold applies. Defaults When this command is not used, the PIM leaf router joins the shortest path tree immediately after the first packet arrives from a new source. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If a source sends at a rate greater than or equal to the traffic rate (the kbps value), a PIM join message is triggered to construct a source tree. The group-list access-list must be an IP standard access-list number or name. If the value is 0 or is omitted, the threshold applies to all groups. If you specify the infinity keyword, all sources for the specified group use the shared tree. Specifying a group list access list indicates the groups to which the threshold applies. If the traffic rate from the source drops below the threshold traffic rate, the leaf router will, after some amount of time, switch back to the shared tree and send a prune message to the source. Examples This example shows how to set a threshold of 4 kbps. If the traffic rate goes above this threshold, the traffic to a group from a source causes the router to switch to the shortest path tree to that source: Router(config)# ip pim spt-threshold 4 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-299 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim ssm ip pim ssm To define the SSM range of IP multicast addresses, use the ip pim ssm command. To disable the SSM range, use the no form of this command. ip pim [vrf vrf-name] ssm {default | range access-list} no ip pim [vrf vrf-name] ssm Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. default Defines the SSM range access list as 232/8. range access-list Specifies the standard IP access-list number or name defining the SSM range. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When an SSM range of IP multicast addresses is defined by the ip pim ssm command, no MSDP source-active messages are accepted or originated in the SSM range. Examples This example shows how to configure the SSM service for the IP address range that is defined by access list 4: access-list 4 permit 224.2.151.141 Router(config)# ip pim ssm range 4 Related Commands Command Description ip igmp v3lite Enables acceptance and processing of IGMP v3lite membership reports on an interface. ip urd Enables interception of TCP packets sent to the reserved URD port 465 on an interface and processing of URD channel subscription reports. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-300 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip pim state-refresh disable ip pim state-refresh disable To disable the processing and forwarding of PIM dense-mode refresh-control messages on a PIM router, use the ip pim state-refresh disable command. To reenable the processing and forwarding of PIM dense-mode refresh-control messages, use the no form of this command. ip pim [vrf vrf-name] state-refresh disable no ip pim [vrf vrf-name] state-refresh disable Syntax Description vrf vrf-name Defaults The processing and forwarding of PIM dense-mode refresh-control messages is enabled on PIM routers that are running a Cisco IOS software release that supports the PIM dense-mode refresh-control feature. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. Usage Guidelines Configuring this command removes PIM dense-mode refresh-control information from PIM hello messages. Examples This example shows how to disable the periodic forwarding of the PIM dense-mode refresh-control message down a source-based IP multicast distribution tree: Router(config)# ip pim state-refresh disable Router(config)# Related Commands Command Description ip pim state-refresh origination-interval Configures the origination of and the interval for PIM dense-mode state refresh-control messages on a PIM router. show ip pim interface Displays information about interfaces configured for PIM. show ip pim neighbor Displays the list that the PIM neighbors discovered. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-301 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip rgmp ip rgmp To enable RGMP on an interface, use the ip rgmp command. To disable RGMP, use the no form of this command. ip rgmp no ip rgmp Syntax Description This command has no arguments or keywords. Defaults The defaults are as follows: • Enabled on Layer 2 interfaces (not configurable) • Disabled on Layer 3 interfaces Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines These restrictions apply to RGMP on the PISA: • You can enable RGMP on interfaces that are configured to support multicast routing. • You must enable IGMP snooping on the Catalyst 6500 series switch. • You must enable PIM on the Catalyst 6500 series switch. • RGMP supports PIM sparse mode only. RGMP does not support PIM dense mode. RGMP explicitly supports the two AutoRP groups in dense mode by not restricting traffic to those groups but by flooding it to all router ports. For this reason, you should configure PIM sparse-dense mode. If you configure groups other than the AutoRP groups for dense mode, their traffic will not be correctly forwarded through router ports that have been enabled for RGMP. • To effectively constrain multicast traffic with RGMP, connect RGMP-enabled routers to separate ports on RGMP-enabled Catalyst 6500 series switches. • RGMP constrains only the traffic that exits through ports on which it detects an RGMP-enabled router. If a non-RGMP enabled router is detected on a port, that port receives all multicast traffic. • RGMP does not support directly connected sources in the network. A directly connected source sends traffic into the network without signaling this information through RGMP or PIM. This traffic is not received by an RGMP-enabled router unless the router already requested receipt of that group through RGMP. This restriction applies to hosts and to functions in routers that source multicast traffic, such as the ping and mtrace commands, and multicast applications that source multicast traffic such as UDPTN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-302 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip rgmp Examples • RGMP supports directly connected receivers in the network. Traffic to these receivers is restricted by IGMP snooping, or if the receiver is a router itself, by PIM and RGMP. CGMP is not supported in networks where RGMP is enabled on routers. • Enabling RGMP and CGMP on a router interface is mutually exclusive. If RGMP is enabled on an interface, CGMP is silently disabled or vice versa. This example shows how to enable RGMP: Router(config-if)# ip rgmp Router(config-if)# This example shows how to disable RGMP: Router(config-if)# no ip rgmp Router(config-if)# Related Commands Command Description show running-config Displays the status and configuration of the module or Layer 2 VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-303 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip route-cache flow ip route-cache flow To enable NetFlow switching for IP routing, use the ip route-cache flow command. To disable NetFlow switching, use the no form of this command. ip route-cache flow no ip route-cache flow Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines NetFlow switching captures a set of traffic statistics as part of its switching function. These traffic statistics include user, protocol, port, and type of service information that can be used for network analysis and planning, accounting, and billing. To export NetFlow data, use the ip flow-export destination or the ip flow-export source command in the global configuration mode. NetFlow switching is supported on IP and IP-encapsulated traffic over all interface types and encapsulations except for ISL/VLAN, ATM, Frame Relay interfaces when more than one input access control list is used on the interface, and ATM LANE. For additional information on NetFlow switching, refer to the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Note Examples NetFlow does consume additional memory and CPU resources compared to other switching modes; we recommend that you understand the resources that are required on your router before you enable NetFlow. This example shows how to enable NetFlow switching on the interface: Router(config-if)# ip route-cache flow Router(config-if)# This example shows how to return the interface to its defaults (fast switching enabled; autonomous switching disabled): Router(config-if)# no ip route-cache flow Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-304 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip route-cache flow Related Commands Command Description ip flow-export destination Exports the NetFlow cache entries to a specific destination. show ip cache flow Displays a summary of the NetFlow cache-flow entries. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-305 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip sticky-arp (global configuration) ip sticky-arp (global configuration) To enable sticky ARP, use the ip sticky-arp command. To disable sticky ARP, use the no form of this command. ip sticky-arp no ip sticky-arp Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You can enter the ip sticky-arp (interface configuration) command to disable sticky ARP on a specific interface. ARP entries that are learned on Layer 3 interfaces are sticky ARP entries. We recommend that you display and verify ARP entries on the Layer 3 interface using the show arp command. For security reasons, sticky ARP entries on the Layer 3 interface do not age out. Connecting new equipment with the same IP address generates a message and the ARP entry is not created. Because the ARP entries on the Layer 3 interface do not age out, you must manually remove ARP entries on the Layer 3 interface if a MAC address changes. Unlike static entries, sticky-ARP entries are not stored and restored when you enter the reboot and restart commands. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-306 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip sticky-arp (global configuration) Examples This example shows how to enable sticky ARP: Router(config) ip sticky-arp Router(config) This example shows how to disable sticky ARP: Router(config) no ip sticky-arp Router(config) Related Commands Command Description arp Enables ARP entries for static routing over the SMDS network. ip sticky-arp (interface configuration) Enables sticky ARP on an interface. show arp Displays the ARP table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-307 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip sticky-arp (interface configuration) ip sticky-arp (interface configuration) To enable sticky ARP on an interface, use the ip sticky-arp command. To remove the command, use the no form of this command. ip sticky-arp [ignore] no ip sticky-arp [ignore] Syntax Description ignore Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Overwrites the ip sticky-arp (global configuration) command. You can enter this command on any Layer 3 interface. You can enter the ip sticky-arp ignore command to overwrite the PVLAN sticky-ARP global configuration on a specific interface. Examples This example shows how to enable sticky ARP on an interface: Router(config-if) ip sticky-arp Router(config-if) This example shows how to remove the previously configured command on an interface: Router(config-if) no ip sticky-arp Router(config-if) This example shows how to disable sticky ARP on an interface: Router(config-if) ip sticky-arp ignore Router(config-if) Related Commands Command Description arp Enables ARP entries for static routing over the SMDS network. ip sticky-arp (global configuration) Enables sticky ARP. show arp Displays the ARP table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-308 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip unnumbered ip unnumbered To enable IP processing on a serial interface without assigning an explicit IP address to the interface, use the ip unnumbered command. To disable IP processing on the interface, use the no form of this command. ip unnumbered interface-type number no ip unnumbered interface-type number Syntax Description interface-type number Defaults Disabled Command Modes Interface configuration or Ethernet VLAN subinterface Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Type and number of another interface on which the router has an assigned IP address; the interface cannot be another unnumbered interface. The interface that you specify by the interface-type number arguments must be enabled (listed as “up” in the show interfaces command display). The unnumbered interfaces and subinterfaces support peer IP address allocation through DHCP and have DHCP option 82 support. The following restrictions apply when using IP unnumbering: Examples • You cannot enable IP unnumbering for a range of interfaces or subinterfaces that are configured through an interface or a subinterface range configuration. • You cannot use the ping EXEC command to determine whether the interface is up, because the interface has no address. You can use SNMP to monitor the interface status remotely. • You cannot boot a runnable image over an unnumbered serial interface. • You cannot support IP security options on an unnumbered interface. This example shows how to enable the IP unnumbered feature in the subinterface mode for Ethernet VLAN subinterfaces: Router (config)# interface fastethernet1/0.1 Router (config-subif)# encapsulation dot1q 10 Router (config-subif)# ip unnumbered ethernet 3/0 This example shows how to disable the IP unnumbered feature for Ethernet physical interfaces: Router (config)# interface fastethernet 1 Router (config-if)# no ip unnumbered loopback 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-309 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip unnumbered Router (config-if)# Related Commands Command Description show ipv6 mld snooping explicit-tracking vlan Displays MLDv2 snooping information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-310 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mfib-cef ipv6 mfib-cef To enable CEF-based (interrupt level) IPv6 multicast forwarding for outgoing packets on a specific interface, use the ipv6 mfib-cef command. To disable CEF-based IPv6 multicast forwarding, use the no form of this command. ipv6 mfib-cef no ipv6 mfib-cef Syntax Description This command has no keywords or arguments. Defaults Enabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines CEF-based (interrupt level) IPv6 multicast forwarding is enabled by default when you enable CEF-based IPv6 multicast routing. Use the show ipv6 mfib interface command to display the multicast forwarding interface status. Examples This example shows how to enable CEF-based IPv6 multicast forwarding: Router(config-if) ipv6 mfib-cef Router(config-if) This example shows how to disable CEF-based IPv6 multicast forwarding: Router(config-if) no ipv6 mfib-cef Router(config-if) Related Commands Command Description show ipv6 mfib interface Displays information about IPv6 multicast-enabled interfaces and their forwarding status. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-311 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mfib hardware-switching ipv6 mfib hardware-switching To configure hardware switching for IPv6 multicast packets on a global basis, use the ipv6 mfib hardware-switching command. To return to the default settings, use the no form of this command. ipv6 mfib hardware-switching [connected | {replication-mode ingress}] no ipv6 mfib hardware-switching [connected | {replication-mode ingress}] Syntax Description Defaults connected (Optional) Allows you to download the interface and mask entry. replication-mode ingress (Optional) Sets the hardware replication mode to ingress. The defaults are as follows: • connected—Enabled; installs subnet entries in the ACL-TCAM. • replication-mode—Automatically detected; but can be forced to ingress. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You can use the ipv6 mfib hardware-switching command for PIM SSM and PIM Bidir to prevent installation of the subnet entries on a global basis. Examples This example shows how to prevent the installation of the subnet entries on a global basis: Router(config) ipv6 mfib hardware-switching Router(config) This example shows how to set the hardware replication mode to ingress: Router(config) ipv6 mfib hardware-switching replication-mode Router(config) Related Commands Command Description show platform software ipv6-multicast Displays information about the platform software IPv6 multicast. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-312 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping ipv6 mld snooping To enable the MLDv2 snooping globally, use the ipv6 mld snooping command. To disable the MLDv2 snooping globally, use the no form of this command. ipv6 mld snooping no ipv6 mld snooping Syntax Description This command has no keywords or arguments. Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines To use MLDv2 snooping, configure a Layer 3 interface in the subnet for IPv6 multicast routing or enable the MLDv2 snooping querier in the subnet. Examples This example shows how to enable MLDv2 snooping globally: Router(config)# ipv6 mld snooping Router(config)# Related Commands Command Description show ipv6 mld snooping Displays MLDv2 snooping information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-313 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping explicit-tracking ipv6 mld snooping explicit-tracking To enable explicit host tracking, use the ipv6 mld snooping explicit-tracking command. To disable the explicit host tracking, use the no form of this command. ipv6 mld snooping explicit-tracking no ipv6 mld snooping explicit-tracking Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Explicit host tracking is supported only with MLDv2 hosts. When you enable explicit host tracking and the Catalyst 6500 series switch is working in proxy-reporting mode, the router may not be able to track all the hosts that are behind a VLAN interface. In proxy-reporting mode, the Catalyst 6500 series switch forwards only the first report for a channel to the router and suppresses all other reports for the same channel. With MLDv2 proxy reporting, the Catalyst 6500 series switch does proxy reporting for unsolicited reports and reports that are received in the general query interval. Proxy reporting is turned on by default. When you disable proxy reporting, the Catalyst 6500 series switch works in transparent mode and updates the MLDv2 snooping database as it receives reports and forwards this information to the upstream router. The router can then explicitly track all reporting hosts. Disabling explicit tracking disables fast-leave processing and proxy reporting. MLDv2 supports explicit host tracking of membership information on any port. The explicit host-tracking database is used for fast-leave processing for MLDv2 hosts, proxy reporting, and statistics collection. When you enable explicit host tracking on a VLAN, the MLDv2 snooping software processes the MLDv2 report that it receives from a host and builds an explicit host-tracking database that contains the following information: • The port that is connected to the host. • The channels that are reported by the host. • The filter mode for each group that are reported by the host. • The list of sources for each group that are reported by the hosts. • The router filter mode of each group. • The list of hosts for each group that request the source. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-314 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping explicit-tracking Examples This example shows how to enable explicit host tracking: Router(config-if)# ipv6 mld snooping explicit-tracking Router(config-if)# Related Commands Command Description ipv6 mld snooping limit Configures the MLDv2 limits. show ipv6 mld snooping explicit-tracking Displays MLDv2 snooping information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-315 Chapter 2 ipv6 mld snooping last-member-query-interval Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping last-member-query-interval To configure the last member query interval for MLDv2 snooping, use the ipv6 mld snooping last-member-query-interval command. To return to the default settings, use the no form of this command. ipv6 mld snooping last-member-query-interval interval no ipv6 mld snooping last-member-query-interval Syntax Description interval Defaults 1000 milliseconds (1 second); see the “Usage Guidelines” section for additional information. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Interval for the last member query; valid values are from 100 to 900 milliseconds in multiples of 100 milliseconds. When a multicast host leaves a group, the host sends an MLDv2 leave. To check if this host is the last to leave the group, an MLDv2 query is sent out when the leave is seen and a timer is started. If no reports are received before the timer expires, the group record is deleted. The interval is the actual time that the Catalyst 6500 series switch waits for a response for the group-specific query. If you enter an interval that is not a multiple of 100, the interval is rounded to the next lowest multiple of 100. For example, if you enter 999, the interval is rounded down to 900 milliseconds. If you enable MLDv2 fast-leave processing and you enter the no ipv6 mld snooping last-member-query-interval command, the interval is set to 0 seconds; fast-leave processing always assumes a higher priority. Even though the valid interval range is 100 to 1000 milliseconds, you cannot enter a value of 1000. If you want this value, you must enter the no ipv6 mld snooping last-member-query-interval command and return to the default value (1000 milliseconds). Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-316 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping last-member-query-interval Examples This example shows how to configure the last-member-query-interval to 200 milliseconds: Router(config-if)# ipv6 mld snooping last-member-query-interval 200 Router(config-if)# Related Commands Command Description show ipv6 mld snooping Displays MLDv2 snooping information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-317 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping limit ipv6 mld snooping limit To configure the MLDv2 limits, use the ipv6 mld snooping limit command. To return to the default settings, use the no form of this command. ipv6 mld snooping limit {{l2-entry-limit max-entries} | {rate pps} | {track max-entries}} no ipv6 mld snooping limit {l2-entry-limit | rate | track} Syntax Description l2-entry-limit max-entries Specifies the maximum number of Layer 2 entries that can be installed by MLD snooping; valid values are from 1 to 100000 entries. rate pps Specifies the rate limit of incoming MLDv2 messages; valid values are from 100 to 6000 packets per second. track max-entries Specifies the maximum number of entries in the explicit-tracking database; valid values are from 0 to 128000 entries. Defaults max-entries is 32000. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Each entry in the explicit-tracking database is identified by the source IP, group IP, port, VLAN, and reporter IP. When you set the max-entries to 0, explicit-tracking is disabled. When the explicit-tracking database exceeds the configured max-entries, a syslog message is generated. When you reduce the max-entries, the explicit-tracking database does not decrease in size immediately. The explicit-tracking database gradually shrinks as reporters time out. Examples This example shows how to set the maximum number of Layer 2 entries that can be installed by MLD snooping: Router(config)# ipv6 mld snooping limit l2-entry-limit 20000 Router(config)# This example shows how to set the rate limit for incoming MLDv2-snooping packets: Router(config)# ipv6 mld snooping limit rate 200 Router(config)# This example shows how to configure the maximum number of entries in the explicit-tracking database: Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-318 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping limit Router(config)# ipv6 mld snooping limit track 20000 Router(config)# This example shows how to disable software rate limiting: Router(config)# no ipv6 mld snooping limit rate Router(config)# Related Commands Command Description ipv6 mld snooping explicit-tracking Enables explicit host tracking. show ipv6 mld snooping Displays the information about the snooping status for MLDv2 hosts. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-319 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping mrouter ipv6 mld snooping mrouter To configure a Layer 2 port as a multicast router port, use the ipv6 mld snooping mrouter command. ipv6 mld snooping mrouter {interface type slot/port} Syntax Description interface type Specifies the interface type: valid values are ethernet, fastethernet, gigabitethernet, or tengigabitethernet. slot/ports Module and port number. Defaults None configured Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines To configure a static connection to a multicast router, use the mac-address-table static command. Examples This example shows how to configure a Layer 2 port as a multicast router port: Router(config-if)# ipv6 mld snooping mrouter interface fastethernet 5/6 Router(config-if)# Related Commands Command Description show ipv6 mld snooping Displays MLDv2 snooping information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-320 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping querier ipv6 mld snooping querier To enable the MLDv2 snooping querier, use the ipv6 mld snooping querier command. To disable the MLDv2 snooping querier, use the no form of this command. ipv6 mld snooping querier no ipv6 mld snooping querier Syntax Description This command has no keywords or arguments. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Configure an IPv6 address on the VLAN interface. When enabled, the MLDv2 snooping querier uses the IPv6 address as the query source address. If there is no IPv6 address configured on the VLAN interface, the MLDv2 snooping querier does not start. The MLDv2 snooping querier disables itself if the IPv6 address is cleared. When enabled, the MLDv2 snooping querier restarts if you configure an IPv6 address. When enabled, the MLDv2 snooping querier does not start if it detects MLDv2 traffic from an IPv6 multicast router. When enabled, the MLDv2 snooping querier starts after 60 seconds if it detects no MLDv2 traffic from an IPv6 multicast router. When enabled, the MLDv2 snooping querier disables itself if it detects MLDv2 traffic from an IPv6 multicast router. You can enable the MLDv2 snooping querier on all the Catalyst 6500 series switches in the VLAN that support it. One switch is elected as the querier. Examples This example shows how to enable the MLDv2 snooping querier on VLAN 200: Router# interface vlan 200 Router(config-if)# ipv6 mld snooping querier Related Commands Command Description show ipv6 mld snooping Displays MLDv2 snooping information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-321 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ipv6 mld snooping report-suppression ipv6 mld snooping report-suppression To enable report suppression on a VLAN, use the ipv6 mld snooping report-suppression command. To disable report suppression on a VLAN, use the no form of this command. ipv6 mld snooping report-suppression no ipv6 mld snooping report-suppression Syntax Description This command has no keywords or arguments. Defaults Enabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You must enable explicit tracking before enabling report suppression. This command is supported on VLAN interfaces only. Examples This example shows how to enable explicit host tracking: Router(config-if)# ipv6 mld snooping report-suppression Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-322 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip verify unicast reverse-path ip verify unicast reverse-path To enable unicast RPF, use the ip verify unicast reverse-path command. To disable unicast RPF, use the no form of this command. ip verify unicast reverse-path [allow-self-ping] [list] no ip verify unicast reverse-path [allow-self-ping] [list] Syntax Description allow-self-ping (Optional) Allows the Catalyst 6500 series switch to ping itself. list (Optional) Access-list number; valid values are from 1 to 199 for a standard or extended IP access-list number and from 1300 to 2699 for a standard or extended IP expanded access-list number. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Use the ip verify unicast reverse-path command to mitigate problems that are caused by malformed or forged (spoofed) IP source addresses that pass through a Catalyst 6500 series switch. Malformed or forged source addresses can indicate DoS attacks that are based on source IP address spoofing. Unicast RPF is an input function and is applied only on the input interface of a Catalyst 6500 series switch at the upstream end of a connection. If you do not specify an ACL in the ip verify unicast reverse-path command, the Catalyst 6500 series switch drops the forged or malformed packet immediately and no ACL logging occurs. The Catalyst 6500 series switch and interface unicast RPF counters are updated. You can log unicast RPF events by specifying the logging option for the ACL entries that are used by the ip verify unicast reverse-path command. You can use the logging option to gather information about the attack, such as the source address, time, and so on. Note With unicast RPF, all equal-cost “best” return paths are considered valid. Unicast RPF works when multiple return paths exist, if each path is equal to the others in the routing cost (such as the number of hops, weights, and so on), and the route is in the FIB. Unicast RPF also functions where EIGRP variants are used and unequal candidate paths that go back to the source IP address exist. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-323 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip verify unicast reverse-path Do not use unicast RPF on interfaces that are internal to the network. Internal interfaces might have routing asymmetry, which means that there are multiple routes to the source of a packet. You should apply unicast RPF only where there is natural or configured symmetry. Routers at the edge of a service-provider network are more likely to have symmetrical reverse paths than routers that are in the core of the network. Routers that are in the core of the service-provider network have no guarantee that the best forwarding path out of the router is the path that is selected for packets returning to the router. We do not recommend that you apply unicast RPF where there is a chance of asymmetric routing. You should place unicast RPF only at the edge of a network. In a service-provider network, you should place the unicast RPF at the customer edge of the network. Examples This example shows how to enable unicast RPF on a serial interface: Router(config-if)# ip verify unicast reverse-path Router(config-if)# Related Commands Command Description ip cef Enables CEF on the route processor. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-324 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip verify unicast source reachable-via ip verify unicast source reachable-via To enable and configure RPF checks, use the ip verify unicast source reachable-via command. To disable RPF, use the no form of this command. ip verify unicast source reachable-via {rx | any} [allow-default] [allow-self-ping] [list] no ip verify unicast source reachable-via Syntax Description rx Checks that the source address is reachable on the interface where the packet was received. any Checks that the source address is reachable on any path. allow-default (Optional) Checks that the default route matches the source address. allow-self-ping (Optional) Allows the router to ping itself. list (Optional) Access-list number; valid values are from 1 to 199 for a standard IP access-list number and from 1300 to 2699 for a standard IP expanded access-list number. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Unicast RPF is not supported on PVLAN host ports. Unicast RPF provides three basic modes: Note • Exists-only mode—A source address needs to be present only in the FIB and reachable through a “real” interface; this situation also applies to the ip verify unicast source reachable-via any allow-default command. The exists-only mode requires that a resolved and reachable source address is present in the FIB table. The source address must be reachable through a configured interface. • Any mode—The source must be reachable through any of the paths. For example, the source has per-destination load balancing. • Rx mode—A source address must be reachable on the arrived interface. For example, the source must be reachable without load balancing. Unicast RPF is an input function and is applied only on the input interface of a router at the upstream end of a connection. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-325 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip verify unicast source reachable-via When configuring uRPF check, use the following guidelines and restrictions: • If you configure uRPF check to filter with an ACL, the PFC determines whether or not traffic matches the ACL. The PFC sends the traffic denied by the RPF ACL to the PISA for the uRPF check. Packets permitted by the ACL are forwarded in hardware without a uRPF check. You can enter the mls ip cef rpf hw-enable-rpf-acl command to subject to RPF check and forwarding in hardware and the Packets that are denied by the uRPF ACL are forwarded in hardware and the packets that are permitted by ACL are sent to software. • Because the packets in a DoS attack typically match the deny ACE and are sent to the PISA for the uRPF check, they can overload the PISA. You can enter the mls ip cef rpf hw-enable-rpf-acl command in these cases since DOS packets matching the deny ACE are processed in hardware. Do not use unicast RPF on interfaces that are internal to the network. Internal interfaces might have routing asymmetry, which means that there are multiple routes to the source of a packet. You should apply unicast RPF only where there is natural or configured symmetry. Examples This example shows how to enable unicast RPF exist-only checking mode: Router(config-if)# ip verify unicast source reachable-via any Router(config-if)# Related Commands Command Description ip cef Enables CEF on the route processor. show running-config Displays the status and configuration of the module or Layer 2 VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-326 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip wccp group-listen ip wccp group-listen To enable the reception of IP multicast packets for WCCP, use the ip wccp group-listen command mode. To disable the reception of IP multicast packets for WCCP, use the no form of this command. ip wccp {web-cache | {service-number | service-name}} group-listen no ip wccp {web-cache | {service-number | service-name}} group-listen Syntax Description web-cache Directs the router to send packets to the web cache service. service-number WCCP service number; valid values are from 0 to 99. service-name WCCP service name; the valid value is web-cache. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note To ensure that the command operates correctly, you must enter the ip pim mode command in addition to the ip wccp group-listen command. The service-number may be either web-cache or a number representing a cache engine dynamically defined definition. Once the service is enabled, the Catalyst 6500 series switch can participate in the establishment of a service group. On Catalyst 6500 series switches that are to be members of a service group when IP multicast is used, the following configuration is required: Examples • You must configure the IP multicast address for use by the WCCP service group. • You must configure the ip wccp {web-cache | service-number} group-listen command on the interfaces that are to receive the IP multicast address. This example shows how to enable the multicast packets for a web cache with a multicast address of 224.1.1.100: router# configure terminal router(config)# ip wccp web-cache group-address 244.1.1.100 router(config)# interface ethernet 0 router(config-if)# ip wccp web-cache group-listen Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-327 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip wccp group-listen Related Commands Command Description ip wccp Directs a router to enable or disable the support for a cache engine service group. ip wccp redirect Enables packet redirection on an outbound or inbound interface using WCCP. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-328 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip wccp redirect ip wccp redirect To enable packet redirection on an outbound or inbound interface using WCCP, use the ip wccp redirect command. To disable WCCP redirection, use the no form of this command ip wccp {web-cache | service-number} redirect {in | out} no ip wccp {web-cache | service-number} redirect {in | out} Syntax Description web-cache Enables the web-cache service. service-number Identification number of the cache engine service group controlled by a router; valid values are from 0 to 99. If Cisco cache engines are used in the cache cluster, the reverse proxy service is indicated by a value of 99. redirect Enables packet redirection checking on an outbound or inbound interface. in Specifies packet redirection on an inbound interface. out Specifies packet redirection on an outbound interface. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The ip wccp redirect in command allows you to configure WCCP redirection on an interface that receives inbound network traffic. When the command is applied to an interface, all packets that arrive at that interface are compared with the criteria that is defined by the specified WCCP service. If the packets match the criteria, they are redirected. The ip wccp redirect out command allows you to configure the WCCP redirection check at an outbound interface. Note This command can affect the ip wccp redirect exclude in command. If you have the ip wccp redirect exclude in command set on an interface and you configure the ip wccp redirect in command, the ip wccp redirect exclude in command is overridden. The opposite is also true: configuring the ip wccp redirect exclude in command overrides the ip wccp redirect in command. For a complete description of the WCCP configuration commands, including a list of commands that have changed since Cisco IOS Release 12.0, refer to the “WCCP Commands” chapter in the “Cisco IOS System Management Commands” part of the Cisco IOS Release 12.2 Command Reference. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-329 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip wccp redirect Examples This example shows how to configure a session in which the reverse proxy packets on the Ethernet interface 0 are checked for redirection and are redirected to a Cisco cache engine: Router# configure terminal Router(config)# ip wccp 99 Router(config)# interface ethernet 0 Router(config-if)# ip wccp 99 redirect out This example shows how to configure a session in which the HTTP traffic that arrives on interface 0/1 is redirected to a Cisco cache engine: Router# configure terminal Router(config)# ip wccp web-cache Router(config)# interface ethernet 0/1 Router(config-if)# ip wccp web-cache redirect in Related Commands Command Description show ip interface Displays the usability status of interfaces that are configured for IP. show ip wccp Displays the WCCP statistics. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-330 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip wccp web-cache accelerated ip wccp web-cache accelerated To enable the hardware acceleration for WCCP version 1, use the ip wccp web-cache accelerated command. To disable hardware acceleration, use the no form of this command. ip wccp web-cache accelerated {[group-address groupaddress] [redirect-list access-list] [group-list access-list] [password password]} no ip wccp web-cache accelerated Syntax Description group-address groupaddress (Optional) Directs the router to use a specified multicast IP address for communication with the WCCP service group. See the “Usage Guidelines” section for additional information. redirect-list access-list (Optional) Directs the router to use an access list to control traffic that is redirected to this service group. See the “Usage Guidelines” section for additional information. group-list access-list (Optional) Directs the router to use an access list to determine which cache engines are allowed to participate in the service group. See the “Usage Guidelines” section for additional information. password password (Optional) Specifies a string that directs the router to apply MD5 authentication to messages received from the service group specified by the service name given. See the “Usage Guidelines” section for additional information. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on software releases later than cache engine software Release ACNS 4.2.1. The group-address groupaddress option requires a multicast address that is used by the router to determine which cache engine should receive redirected messages. This option instructs the router to use the specified multicast IP address to coalesce the “I See You” responses for the “Here I Am” messages that it has received on this group address. In addition, the response is sent to the group address. The default is for no group-address to be configured, so that all “Here I Am” messages are responded to with a unicast reply. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-331 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA ip wccp web-cache accelerated The redirect-list access-list option instructs the router to use an access list to control the traffic that is redirected to the cache engines of the service group that is specified by the service-name given. The access-list argument specifies either a number from 1 to 99 to represent a standard or extended access-list number or a name to represent a named standard or extended access list. The access list specifies the traffic that is permitted to be redirected. The default is for no redirect-list to be configured (all traffic is redirected). The group-list access-list option instructs the router to use an access list to control the cache engines that are allowed to participate in the specified service group. The access-list argument specifies either a number from 1 to 99 to represent a standard access-list number or a name to represent a named standard access list. The access list specifies which cache engines are permitted to participate in the service group. The default is for no group-list to be configured, so that all cache engines may participate in the service group. The password can be up to seven characters. When you designate a password, the messages that are not accepted by the authentication are discarded. The password name is combined with the HMAC MD5 value to create security for the connection between the router and the cache engine. Examples This example shows how to enable the hardware acceleration for WCCP version 1: Router(config)# ip wccp web-cache accelerated Router(config)# Related Commands Command Description ip wccp version Specifies which version of WCCP to configure on your router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-332 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA l2protocol-tunnel l2protocol-tunnel To enable the protocol tunneling on an interface and specify the type of protocol to be tunneled, use the l2protocol-tunnel command. To disable protocol tunneling, use the no form of this command. l2protocol-tunnel [{cdp | stp | vtp}] no l2protocol-tunnel [{cdp | stp | vtp}] Syntax Description cdp (Optional) Enables CDP tunneling. stp (Optional) Enables STP tunneling. vtp (Optional) Enables VTP tunneling. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines On all the service provider edge switches, you must enable PortFast BPDU filtering on the 802.1Q tunnel ports by entering these commands: Router(config-if)# spanning-tree bpdufilter enable Router(config-if)# spanning-tree portfast Note PortFast BPDU filtering is enabled automatically on tunnel ports. If you do not specify a protocol, all protocols are tunneled. You can configure protocol tunneling on VLAN and trunk interfaces. You must enter the switchport command once without any keywords to configure the LAN port as a Layer 2 interface before you can enter additional switchport commands with keywords. This action is required only if you have not entered the switchport command for the interface. Examples This example shows how to enable a tunneling protocol on an interface: Router(config-if)# l2protocol-tunnel cdp Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-333 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA l2protocol-tunnel This example shows how to disable a tunneling protocol on an interface: Router(config-if)# no l2protocol-tunnel Protocol tunneling disabled on interface fastEthernet 4/1 Router(config-if)# Related Commands Command Description show l2protocol-tunnel Displays the protocols that are tunneled on an interface or on all interfaces. switchport Modifies the switching characteristics of the Layer 2-switched interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-334 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA l2protocol-tunnel cos l2protocol-tunnel cos To specify a CoS value globally on all ingress Layer-2 protocol tunneling ports, use the l2protocol-tunnel cos command. To return to the default settings, use the no form of this command. l2protocol-tunnel cos cos-value no l2protocol-tunnel cos Syntax Description cos-value Defaults The cos-value is 5. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines CoS value; valid values are from 0 to 7. The cos-value is the CoS value that you assign to the PDUs on a Layer 2-protocol tunnel port before tunneling the PDUs through the service-provider network. You can specify a CoS value globally on all ingress Layer 2-protocol tunneling ports. Because the CoS value applies to all ingress tunneling ports, all encapsulated PDUs that are sent out by the Catalyst 6500 series switch have the same CoS value. On all the service-provider edge switches, you must enable PortFast BPDU filtering on the 802.1Q tunnel ports by entering these commands: Router(config-if)# spanning-tree bpdufilter enable Router(config-if)# spanning-tree portfast Note Examples PortFast BPDU filtering is enabled automatically on tunnel ports. This example shows how to specify a CoS value on all ingress Layer 2-protocol tunneling ports: Router(config)# l2protocol-tunnel cos 6 Router(config)# Related Commands Command Description show l2protocol-tunnel Displays the protocols that are tunneled on an interface or on all interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-335 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA l2protocol-tunnel drop-threshold l2protocol-tunnel drop-threshold To specify the maximum number of packets that can be processed for the specified protocol on that interface before being dropped, use the l2protocol-tunnel drop-threshold command. To reset all the threshold values to 0 and disable the drop threshold, use the no form of this command. l2protocol-tunnel drop-threshold [cdp | stp | vtp] packets no l2protocol-tunnel drop-threshold [cdp | stp | vtp] Syntax Description cdp (Optional) Specifies CDP packets. stp (Optional) Specifies STP packets. vtp (Optional) Specifies VTP packets. packets Maximum number of packets; valid values are from 1 to 4096 packets. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines On all the service-provider edge switches, you must enable PortFast BPDU filtering on the 802.1Q tunnel ports by entering these commands: Router(config-if)# spanning-tree bpdufilter enable Router(config-if)# spanning-tree portfast Note PortFast BPDU filtering is enabled automatically on tunnel ports. If you do not specify a protocol, the threshold applies to all protocols. You can configure protocol tunneling on switch ports only. You must enter the switchport command once without any keywords to configure the LAN port as a Layer 2 interface before you can enter additional switchport commands with keywords. This action is required only if you have not entered the switchport command for the interface. Refer to the “Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling” chapter of the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY for additional information on setting the drop threshold value. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-336 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA l2protocol-tunnel drop-threshold Examples This example shows how to set the drop threshold: Router(config-if)# switchport Router(config-if)# l2protocol-tunnel drop-threshold 3000 Router(config-if)# Related Commands Command Description l2protocol-tunnel Enables the protocol tunneling on an interface and specifies the type of protocol to be tunneled. l2protocol-tunnel cos Specifies a CoS value globally on all ingress Layer-2 protocol tunneling ports. l2protocol-tunnel global drop-threshold Enables rate limiting at the software level. l2protocol-tunnel shutdown-threshold Specifies the maximum number of packets that can be processed for the specified protocol on that interface in 1 second. show l2protocol-tunnel Displays the protocols that are tunneled on an interface or on all interfaces. switchport Modifies the switching characteristics of the Layer 2-switched interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-337 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA l2protocol-tunnel global drop-threshold l2protocol-tunnel global drop-threshold To enable rate limiting at the software level, use the l2protocol-tunnel global drop-threshold command. To disable the software rate limiter on the Catalyst 6500 series switch, use the no form of this command. l2protocol-tunnel global drop-threshold threshold no l2protocol-tunnel global drop-threshold Syntax Description threshold Defaults Global thresholds are not configured. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Maximum rate of incoming PDUs before excessive PDUs are dropped; valid values are from 100 to 20000 PDUs. Usage Guidelines All three PDUs (normal BPDU, CDP, and VTP packets) that arrive on Layer 2-protocol tunnel-enabled ports are rate limited. Rate limiting occurs in the ingress direction in Layer 2-protocol tunneling. If the rate of the incoming PDUs exceeds the configured threshold, the excessive PDUs are dropped. Examples This example shows how to enable rate limiting globally: Router(config)# l2protocol-tunnel global drop-threshold 3000 Router(config)# Related Commands Command Description l2protocol-tunnel Enables the protocol tunneling on an interface and specifies the type of protocol to be tunneled. l2protocol-tunnel cos Specifies a CoS value globally on all ingress Layer-2 protocol tunneling ports. l2protocol-tunnel drop-threshold Specifies the maximum number of packets that can be processed for the specified protocol on that interface before being dropped. l2protocol-tunnel shutdown-threshold Specifies the maximum number of packets that can be processed for the specified protocol on that interface in 1 second. show l2protocol-tunnel Displays the protocols that are tunneled on an interface or on all interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-338 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA l2protocol-tunnel shutdown-threshold l2protocol-tunnel shutdown-threshold To specify the maximum number of packets that can be processed for the specified protocol on that interface in 1 second, use the l2protocol-tunnel shutdown-threshold command. To reset all the threshold values to 0 and disable the shutdown threshold, use the no form of this command. l2protocol-tunnel shutdown-threshold [cdp | stp | vtp] packets no l2protocol-tunnel shutdown-threshold [cdp | stp | vtp] packets Syntax Description cdp (Optional) Specifies CDP tunneling. stp (Optional) Specifies STP tunneling. vtp (Optional) Specifies VTP tunneling. packets Shutdown threshold; valid values are from 1 to 4096. Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When the number of packets is exceeded, the port is put in error-disabled state. On all the service-provider edge switches, you must enable PortFast BPDU filtering on the 802.1Q tunnel ports by entering these commands: Router(config-if)# spanning-tree bpdufilter enable Router(config-if)# spanning-tree portfast Note PortFast BPDU filtering is enabled automatically on tunnel ports. If you do not specify a protocol, the packets value applies to all protocols. You can configure protocol tunneling on switch ports only. You must enter the switchport command once without any keywords to configure the LAN port as a Layer 2 interface before you can enter additional switchport commands with keywords. This action is required only if you have not entered the switchport command for the interface. Refer to the “Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling” chapter of the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY for additional information on setting the drop threshold value. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-339 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA l2protocol-tunnel shutdown-threshold Examples This example shows how to specify the maximum number of CDP packets that can be processed on that interface in 1 second: Router(config-if)# switchport Router(config-if)# l2protocol-tunnel shutdown-threshold cdp 200 Router(config-if)# Related Commands Command Description l2protocol-tunnel Enables the protocol tunneling on an interface and specifies the type of protocol to be tunneled. show l2protocol-tunnel Displays the protocols that are tunneled on an interface or on all interfaces. switchport Modifies the switching characteristics of the Layer 2-switched interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-340 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA l2 vfi manual l2 vfi manual To create a Layer 2 VFI and enter the Layer 2 VFI manual configuration submode, use the l2 vfi manual command. To remove the Layer 2 VFI, use the no form of this command. l2 vfi name manual no l2 vfi name manual Syntax Description name Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Name of a new or existing Layer 2 VFI. A VFI is a collection of data structures used by the data plane, software-based or hardware-based, to forward packets to one or more VCs. It is populated and updated by both the control plane and the data plane and also serves as the data structure interface between the control plane and the data plane. Within the Layer 2 VFI manual configuration submode, you can configure the following parameters: • VPN ID of a VPLS domain • Addresses of other PE routers in this domain • Type of tunnel signaling and encapsulation mechanism for each peer Within the Layer 2 VFI manual configuration submode, the following commands are available: Examples • [no] vpn id vpn-id—Configures a VPN ID in RFC 2685 format. To remove the VPN ID from the configuration, use the no form of this command. • [no] neighbor remote-router-id {encapsulation {l2tpv3 | mpls} | {pw-class pw-name} | no-split-horizon}—Specifies the type of tunnel signaling and encapsulation mechanism for each peer. See the neighbor command. This example shows how to create a Layer 2 VFI, enter the Layer 2 VFI manual configuration submode, and configure a VPN ID: Router(config)# l2 vfi vfitest1 manual Router(config-vfi)# vpn id 303 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-341 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA lacp max-bundle lacp max-bundle To define the maximum number of bundled LACP ports allowed in this port channel, use the lacp max-bundle command. To return to the default settings, use the no form of this command. lacp max-bundle max-bundles no lacp max-bundle Syntax Description max-bundles Defaults The default settings are as follows: Maximum number of bundled ports allowed in this port channel; valid values are from 1 to 8. • Maximum of eight bundled ports. • Maximum of eight bundled ports and eight hot-standby ports per port channel; this setting applies if the port channel on both sides of the LACP bundle are configured the same. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to set the maximum number of ports to bundle in this port channel: Router(config-if)# lacp max-bundle 4 Router(config-if)# Related Commands Command Description show lacp Displays LACP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-342 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA lacp port-priority lacp port-priority To set the priority for the physical interfaces, use the lacp port-priority command. lacp port-priority priority Syntax Description priority Defaults 32768 Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Priority for the physical interfaces; valid values are from 1 to 65535. You must assign a port priority to each port in the Catalyst 6500 series switch. You can specify the port priority automatically or by entering the lacp port-priority command. The port priority is used with the port number to form the port identifier. The port priority is used to decide which ports should be put in standby mode when there is a hardware limitation that prevents all compatible ports from aggregating. Although this command is a global configuration command, priority is supported only on port channels with LACP-enabled physical interfaces. This command is supported on LACP-enabled interfaces. When setting the priority, note that a higher number means a lower priority. Examples This example shows how to set the priority for the interface: Router(config-if)# lacp port-priority 23748 Router(config-if)# Related Commands Command Description channel-group Assigns and configures an EtherChannel interface to an EtherChannel group. channel-protocol Sets the protocol that is used on an interface to manage channeling. lacp system-priority Sets the priority of the system. show lacp Displays LACP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-343 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA lacp rate lacp rate To set the rate at which the LACP packets are ingressed to an interface, use the lacp rate command. To return to the default settings, use the no form of this command. lacp rate {normal | fast} no lacp rate Syntax Description normal Specifies that the LACP packets are ingressed at the normal rate of 30-seconds rate. fast Specifies that the LACP packets are ingressed at the fast rate of 1-second rate once the link is established. Defaults 90 seconds Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on LACP-enabled interfaces. Examples This example shows how to specify that the LACP packets are ingressed at the one-second rate: Router(config-if)# lacp rate fast Router(config-if)# Related Commands Command Description show lacp Displays LACP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-344 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA lacp system-priority lacp system-priority To set the priority of the system, use the lacp system-priority command. lacp system-priority priority Syntax Description priority Defaults 32768 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Priority of the system; valid values are from 1 to 65535. You must assign a system priority to each Catalyst 6500 series switch running LACP. You can specify the system priority automatically or by entering the lacp system-priority command. The system priority is used with the Catalyst 6500 series switch MAC address to form the system ID and is also used during negotiation with other systems. Although this command is a global configuration command, priority is supported on port channels with LACP-enabled physical interfaces. When setting the priority, note that a higher number means a lower priority. You can also enter the lacp system-priority command. Once you enter the command, the system defaults to global configuration mode. Examples This example shows how to set the system priority: Router(config)# lacp system-priority 23748 Router(config)# Related Commands Command Description channel-group Assigns and configures an EtherChannel interface to an EtherChannel group. channel-protocol Sets the protocol that is used on an interface to manage channeling. lacp port-priority Sets the priority for the physical interfaces. show lacp Displays LACP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-345 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA line line To identify a specific line for configuration and enter line configuration collection mode, use the line command. line {{first-line-number [ending-line-number]} | {console first-line-number} | {vty {first-line-number [ending-line-number]}}} Syntax Description first-line-number Relative number of the terminal line (or the first line in a contiguous group) that you want to configure when the line type is specified; valid values are from 0 to 1510. ending-line-number (Optional) Relative number of the last line in a contiguous group that you want to configure; valid values are from 101 to 1510. console first-line-number Specifies the console terminal line; the valid value is 0. vty Specifies the virtual terminal line for remote console access. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The console port is DCE. If you do not specify console or vty, the first-line-number and ending-line-number are absolute rather than relative line numbers. You can address a single line or a consecutive range of lines with the line command. A line number is necessary, though, and you will receive an error message if you forget to include it. Entering the line command with the optional line type (console or vty) designates the line number as a relative line number. For example, to configure line parameters for line 7 (a TTY line), you could enter the line tty 7 command. You also can use the line command without specifying a line type. In this case, the line number is treated as an absolute line number. For example, to configure line parameters for line 5, which can be of any type, you could enter the line 5 command. Absolute line numbers increment consecutively and can be difficult to manage on large systems. Relative line numbers are a shorthand notation used in configurations. Internally, the Cisco IOS software uses absolute line numbers. You cannot use relative line numbers everywhere, but you can use absolute line numbers everywhere. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-346 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA line You can enter the show users all command to display a table of absolute and relative line numbers. The absolute line numbers are listed at the far left, followed by the line type, and then the relative line number. Relative line numbers always begin at zero and define the type of line. Addressing the second virtual terminal line as line VTY 1, for example, is easier than remembering it as line 143—its absolute line number. The terminal from which you locally configure the router is attached to the console port. To configure line parameters for the console port, enter the line console 0 command. The console relative line number must be 0. Once you enter the line console configuration mode, you can set the transmit and receive speeds; valid values are from 0 to 9600. The default rate is 9600. Virtual terminal lines are used to allow remote access to the router. A virtual terminal line is not associated with either the auxiliary or console port. The router has five virtual terminal lines by default. However, you can create additional virtual terminal lines as described in the chapter “Configuring Protocol Translation and Virtual Asynchronous Devices” in the Cisco IOS Terminal Services Configuration Guide. Configuring the console port or virtual terminal lines allows you to perform such tasks as setting communication parameters, specifying autobaud connections, and configuring terminal operating parameters for the terminal that you are using. Examples This example shows how to start the configuration for virtual terminal lines 0 to 4: Router(config)# line vty 0 4 Router(config-line)# This example shows how to create and configure the maximum 100 virtual terminal lines with the no login command: Router(config)# line vty 0 99 Router(config-line)# no login Router(config-line)# This example shows how to eliminate the virtual terminal line number 5 and all higher-numbered virtual terminal lines. Only virtual terminal lines 0 to 4 will remain. Router(config-line)# no line vty 5 Router(config)# This example shows how to set the transmit and receive speeds for the console port: Router(config)# line console 0 Router(config-line)# speed 9600 Router(config-line)# Related Commands Command Description show line Displays parameters of a terminal line. show users Displays information about the active lines on the router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-347 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA link debounce link debounce To enable the debounce timer on an interface, use the link debounce command. To disable the timer, use the no form of this command. link debounce [time time] no link debounce Syntax Description time time Defaults Table 2-13 lists the debounce timer defaults. (Optional) Specifies the extended debounce timer; valid values are from 100 to 5000 milliseconds. Table 2-13 Port Debounce Timer Delay Time Port Type Debounce Timer Disabled Debounce Timer Enabled 10BASE-FL ports 300 milliseconds 3100 milliseconds 10/100BASE-TX ports 300 milliseconds 3100 milliseconds 100BASE-FX ports 300 milliseconds 3100 milliseconds 10/100/1000BASE-TX ports 300 milliseconds 3100 milliseconds 1000BASE-TX ports 300 milliseconds 3100 milliseconds Fiber Gigabit ports 10 milliseconds 100 milliseconds 10-Gigabit ports except WS-X6501-10GEX4 and WS-X6502-10GE 10 milliseconds 100 milliseconds 1000 milliseconds WS-X6501-10GEX4 and WS-X6502-10GE 10-Gigabit ports Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines 3100 milliseconds The time time keyword and argument are supported on Gigabit Ethernet and 10-Gigabit Ethernet interfaces only. The time time keyword and argument are not supported on copper media. The debounce timer sets the amount of time that the firmware waits before it notifies the software that the link is down. The debounce timer does not apply to linkup because the linkup is immediately notified by the firmware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-348 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA link debounce The default debounce time applies when you enter the link debounce command with no arguments. For example, when you enter the link debounce time 100 command, it is equivalent to entering the link debounce command with no arguments. You will see the following link debounce entry in the configuration: interface GigabitEthernet1/1 no ip address link debounce Enter the show interfaces debounce command to display the debounce configuration of an interface. Examples This example shows how to configure the debounce timer on a Gigabit Ethernet fiber interface: Router (config-if)# link debounce time 100 Router (config-if)# Related Commands Command Description show interfaces debounce Displays the status and configuration for the debounce timer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-349 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA load-interval load-interval To specify the length of time to be used to calculate the average load for an interface, use the load-interval command. To return to the default settings, use the no form of this command. load-interval seconds no load-interval Syntax Description seconds Defaults 300 seconds (5 minutes) Command Modes Interface configuration Frame Relay DLCI configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Length of time that is used to compute load statistics; valid values are from 30 to 600 seconds in 30-second increments. By default, the load data is gathered every 5 minutes or 300 seconds. You can use this data to compute load statistics, including the input rate in bits and packets per second, and the output rate in bits and packets per second, load, and reliability. Load data is computed using a weighted-average calculation where recent load data has more weight than older load data. If you want the load computations to be more reactive to short bursts of traffic, rather than being averaged over 5-minute periods, you can shorten the length of time over which load averages are computed. For example, you can set the load interval to 30 seconds to reflect the weighted-average load for the last 30-second period. Enter the load-interval command to change the calculation interval from the default value of 5 minutes (300 seconds) to a shorter or longer period of time. If you change it to a shorter period of time, the input and output statistics that are displayed when you use the show interface or show frame-relay pvc command will be more current, rather than reflecting a more average load over a longer period of time. Enter the load-interval command to increase or decrease the likelihood of activating a backup interface; for example, a backup dial interface may be triggered by a sudden spike in the load on an active interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-350 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA load-interval Examples This example shows how to set the load interval for the serial interface 0 so that the average is computed over 30-second intervals: Router(config)# interface serial 0 Router(config-if)# load-interval 30 This example shows how to set the load interval to 60 seconds for a Frame Relay PVC with the DLCI 100: Router(config)# interface serial 1/1 Router(config-if# encapsulation frame-relay ietf Router(config-if)# frame-relay interface-dlci 100 Router(config-fr-dlci)# load-interval 60 Related Commands Command Description show frame-relay pvc Displays statistics about PVCs for Frame Relay interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-351 Chapter 2 logging event link-status (global configuration) Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA logging event link-status (global configuration) To change the default or set the link-status event messaging during system initialization, use the logging event link-status command. To disable the link-status event messaging, use the no form of this command. logging event link-status {default | boot} no logging event link-status {default | boot} Syntax Description default Enables system logging of interface state-change events on all interfaces in the system. boot Enables system logging of interface state-change events on all interfaces in the system during system initialization. Defaults Interface state-change messages are not sent. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You do not have to enter the logging event link-status boot command to enable link-status messaging during system initialization. The logging event link-status default command logs system messages even during system initialization. If you enter both the logging event link-status default and the no logging event link-status boot commands, the interface state-change events are logged after all modules in the Catalyst 6500 series switch come online after system initialization. The logging event link-status default and the no logging event link-status boot commands are saved and retained in the running configuration of the system. When both the logging event link-status default and the no logging event link-status boot commands are present in the running configuration and you want to display the interface state-change messages during system initialization, enter the logging event link-status boot command. Examples This example shows how to enable the system logging of the interface state-change events on all interfaces in the system: Router(config)# logging event link-status default Router(config)# This example shows how to enable the system logging of interface state-change events on all interfaces during system initialization: Router(config)# logging event link-status boot Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-352 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA logging event link-status (global configuration) This example shows how to disable the system logging of interface state-change events on all interfaces: Router(config)# no logging event link-status default Router(config)# This example shows how to disable the system logging of interface state-change events during system initialization: Router(config)# no logging event link-status boot Router(config)# Related Commands Command Description show running-config Displays the status and configuration of the module or Layer 2 VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-353 Chapter 2 logging event link-status (interface configuration) Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA logging event link-status (interface configuration) To enable the link-status event messaging on an interface, use the logging event link-status command. To disable the link-status event messaging, use the no form of this command. logging event link-status no logging event link-status Syntax Description This command has no arguments or keywords. Defaults Interface state-change messages are not sent. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines To enable system logging of interface state-change events on a specific interface, enter the logging event link-status command. To enable system logging of interface state-change events on all interfaces in the system, enter the logging event link-status command. Examples This example shows how to enable the system logging of the interface state-change events on an interface: Router(config-if)# logging event link-status Router(config-if)# This example shows how to disable the system logging of the interface state-change events on an interface: Router(config-if)# no logging event link-status default Router(config-if)# Related Commands Command Description show running-config Displays the status and configuration of the module or Layer 2 VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-354 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA logging event subif-link-status logging event subif-link-status To enable the link-status event messaging on a subinterface, use the logging event subif-link-status command. To disable the link-status event messaging on a subinterface, use the no form of this command. logging event subif-link-status no logging event subif-link-status Syntax Description This command has no arguments or keywords. Defaults Subinterface state-change messages are not sent. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on the following subinterfaces: • Frame Relay subinterfaces • OSM-GE-WAN subinterfaces • SIP subinterfaces • LAN subinterfaces To enable system logging of interface state-change events on a specific subinterface, enter the logging event subif-link-status command. To enable system logging of interface state-change events on a specific interface, enter the logging event link-status command. To enable system logging of interface state-change events on all interfaces in the system, enter the logging event link-status command. Examples This example shows how to enable the system logging of the interface state-change events on a subinterface: Router(config-if)# logging event subif-link-status Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-355 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA logging event subif-link-status This example shows how to disable the system logging of the interface state-change events on a subinterface: Router(config-if)# no logging event subif-link-status Router(config-if)# Related Commands Command Description show running-config Displays the status and configuration of the module or Layer 2 VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-356 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA logging ip access-list cache (global configuration mode) logging ip access-list cache (global configuration mode) To configure the OAL parameters, use the logging ip access-list cache command. To return to the default settings, use the no form of this command. logging ip access-list cache {{entries entries} | {interval seconds} | {rate-limit pps} | {threshold packets}} no logging ip access-list cache [entries | interval | rate-limit | threshold] Syntax Description Defaults entries entries Specifies the maximum number of log entries that are cached in the software; valid values are from 0 to 1048576 entries. interval seconds Specifies the maximum time interval before an entry is sent to syslog; valid values are from 5 to 86400 seconds. rate-limit pps Specifies the number of packets that are logged per second in the software; valid values are from 10 to 1000000 pps. threshold packets Specifies the number of packet matches before an entry is sent to syslog; valid values are from 1 to 1000000 packets. The defaults are as follows: • entries—8000 entries. • seconds—300 seconds (5 minutes). • rate-limit pps—0 (rate limiting is off) and all packets are logged. • threshold packets—0 (rate limiting is off) and the system log is not triggered by the number of packet matches. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines OAL is supported on IPv4 unicast traffic only. You cannot configure OAL and VACL capture on the same chassis. OAL and VACL capture are incompatible. With OAL configured, use SPAN to capture traffic. If the entry is inactive for the duration that is specified in the update-interval seconds command, the entry is removed from the cache. If you enter the no logging ip access-list cache command without keywords, all the parameters are returned to the default values. You must set ICMP unreachable rate limiting to 0 if the OAL is configured to log denied packets. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-357 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA logging ip access-list cache (global configuration mode) Examples This example shows how to specify the maximum number of log entries that are cached in the software: Router(config)# logging ip access-list cache entries 200 Router(config)# This example shows how to specify the maximum time interval before an entry is sent to the system log: Router(config)# logging ip access-list cache interval 350 Router(config)# This example shows how to specify the number of packets that are logged per second in the software: Router(config)# logging ip access-list cache rate-limit 100 Router(config)# This example shows how to specify the number of packet matches before an entry is sent to the system log: Router(config)# logging ip access-list cache threshold 125 Router(config)# Related Commands Command Description clear logging ip access-list cache Clears all the entries from the OAL cache and sends them to the syslog. logging ip access-list cache (interface configuration mode) Enables an OAL-logging cache on an interface that is based on direction. show logging ip access-list Displays information about the logging IP access list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-358 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA logging ip access-list cache (interface configuration mode) logging ip access-list cache (interface configuration mode) To enable an OAL-logging cache on an interface that is based on direction, use the logging ip access-list cache command. To disable OAL, use the no form of this command. logging ip access-list cache [in | out] no logging ip access-list cache Syntax Description in (Optional) Enables OAL on ingress packets. out (Optional) Enables OAL on egress packets. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on traffic that matches the log keyword in the applied ACL. You must set ICMP unreachable rate limiting to 0 if the OAL is configured to log denied packets. On systems that are configured with a PFC3A, support for the egress direction on tunnel interfaces is not supported. OAL is supported on IPv4 unicast traffic only. You cannot configure OAL and VACL capture on the same chassis. OAL and VACL capture are incompatible. With OAL configured, use SPAN to capture traffic. If the entry is inactive for the duration that is specified in the update-interval seconds command, the entry is removed from the cache. If you enter the no logging ip access-list cache command without keywords, all the parameters are returned to the default values. Examples This example shows how to enable OAL on ingress packets: Router(config-if)# logging ip access-list cache in Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-359 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA logging ip access-list cache (interface configuration mode) This example shows how to enable OAL on egress packets: Router(config-if)# logging ip access-list cache out Router(config-if)# Related Commands Command Description clear logging ip access-list cache Clears all the entries from the OAL cache and sends them to the syslog. logging ip access-list cache (global configuration mode) Configures the OAL parameters. show logging ip access-list Displays information about the logging IP access list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-360 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac access-list extended mac access-list extended To access a subcommand to define extended MAC-access lists, use the mac access-list extended command. To remove MAC-access lists, use the no form of this command. mac access-list extended name no mac access-list extended name Syntax Description name Defaults No default ACL Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Name of the ACL to which the entry belongs. When you enter the ACL name, follow these naming conventions: • Maximum of 31 characters and may include a-z, A-Z, 0-9, the dash character (-), the underscore character (_), and the period character (.) • Must start with an alpha character and must be unique across all ACLs of all types • Case sensitive • Cannot be a number • Must not be a keyword; keywords to avoid are all, default-action, map, help, and editbuffer You can configure named ACLs that filter IPX, DECnet, AppleTalk, VINES, or XNS traffic based on MAC addresses (IPX filtering with a MAC ACL is supported only with a PFC3). In systems that are configured with PFC3, if you want to classify all IPX traffic by using a MAC-access list that matches on EtherType 0x8137, use the ipx-arpa or ipx-non-arpa protocol. Once you enter the mac access-list extended name command, use the following subset to create or delete entries in a MAC-access list: [no] {permit | deny} {{src-mac mask | any} {dest-mac mask} | any} [protocol [vlan vlan] [cos value]] The vlan vlan and cos value keywords and arguments are supported in PFC3BXL or PFC3B mode. The vlan vlan and cos value keywords and arguments are not supported on the MAC VACLs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-361 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac access-list extended Table 2-14 describes the syntax of the mac access-list extended subcommands. Table 2-14 mac access-list extended Subcommands Subcommand Description no (Optional) Deletes a statement from an access list. permit Permits access if the conditions are matched. deny Denies access if the conditions are matched. src-mac mask Source MAC address in the form: source-mac-address source-mac-address-mask. any Specifies any protocol type. dest-mac mask (Optional) Destination MAC address in the form: dest-mac-address dest-mac-address-mask. protocol (Optional) Name or number of the protocol; see below for a list of valid values. vlan vlan (Optional) Specifies a VLAN ID; valid values are from 0 to 4095. cos value (Optional) Specifies a CoS value; valid values are from 0 to 7. Valid protocol names are as follows: • 0x0-0xFFFF—Arbitrary EtherType in hex • aarp—EtherType: AppleTalk ARP • amber—EtherType: DEC-Amber • appletalk—EtherType: AppleTalk/EtherTalk • dec-spanning—EtherType: DEC-Spanning-Tree • decnet-iv—EtherType: DECnet Phase IV • diagnostic—EtherType: DEC-Diagnostic • dsm—EtherType: DEC-DSM • etype-6000—EtherType: 0x6000 • etype-8042—EtherType: 0x8042 • ip—EtherType: 0x0800 • ipx-arpa—IPX arpa • ipx-non-arpa—IPX non arpa • lat—EtherType: DEC-LAT • lavc-sca—EtherType: DEC-LAVC-SCA • mop-console—EtherType: DEC-MOP Remote Console • mop-dump—EtherType: DEC-MOP Dump • msdos—EtherType: DEC-MSDOS • mumps—EtherType: DEC-MUMPS • netbios—EtherType: DEC-NETBIOS • vines-echo—EtherType: VINES Echo Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-362 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac access-list extended • vines-ip—EtherType: VINES IP • xns-idp—EtherType: XNS IDP When you enter the src-mac mask or dest-mac mask value, note these guidelines and restrictions: • Enter MAC addresses as three 4-byte values in dotted hexadecimal format (for example, 0030.9629.9f84). • Enter MAC-address masks as three 4-byte values in dotted hexadecimal format. Use 1 bit as a wildcard. For example, to match an address exactly, use 0000.0000.0000 (can be entered as 0.0.0). • For the optional protocol, you can enter either the EtherType or the keyword. • Entries without a protocol match any protocol. • Access lists entries are scanned in the order that you enter them. The first matching entry is used. To improve performance, place the most commonly used entries near the beginning of the access list. • An implicit deny any any entry exists at the end of an access list unless you include an explicit permit any any entry at the end of the list. • All new entries to an existing list are placed at the end of the list. You cannot add entries to the middle of a list. Malformed, invalid, deliberately corrupt EtherType 0x800 IP frames are not recognized as IP traffic and are not filtered by IP ACLs. An ACE created with the mac access-list extended command with the ip keyword filters malformed, invalid, deliberately corrupt EtherType 0x800 IP frames only; it does not filter any other IP traffic. Examples This example shows how to create a MAC-access list named mac_layer that denies traffic from 0000.4700.0001, which is going to 0000.4700.0009, and permits all other traffic: Router(config)# mac access-list extended mac_layer Router(config-ext-macl)# deny 0000.4700.0001 0.0.0 0000.4700.0009 0.0.0 dsm Router(config-ext-macl)# permit any any Related Commands Command Description show mac-address-table Displays information about the MAC-address table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-363 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table aging-time mac-address-table aging-time To configure the aging time for entries in the Layer 2 table, use the mac-address-table aging-time command. To return to the default settings, use the no form of this command. mac-address-table aging-time seconds [routed-mac | vlan vlan-id] no mac-address-table aging-time seconds [routed-mac | vlan vlan-id] Syntax Description seconds Aging time; valid values are 0 and from 5 to 1000000 seconds. routed-mac (Optional) Specifies the routed MAC aging interval. vlan vlan-id (Optional) Specifies the VLAN to apply the changed aging time; valid values are from 1 to 4094. Defaults 300 seconds Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not enter a VLAN, the change is applied to all routed-port VLANs. Enter 0 seconds to disable aging. You can enter the routed-mac keyword to configure the MAC address aging time for traffic that has the routed MAC (RM) bit set. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-364 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table aging-time Examples This example shows how to configure the aging time: Router(config)# mac-address-table aging-time 400 Router(config)# This example shows how to change the RM aging time: Router(config)# mac-address-table aging-time 500 routed-mac Router(config)# This example shows how to disable aging: Router(config)# mac-address-table aging-time 0 Router(config) Related Commands Command Description show mac-address-table Displays information about the MAC-address table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-365 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table learning mac-address-table learning To enable MAC-address learning, use the mac-address-table learning command. To disable learning, use the no form of this command. [default] mac-address-table learning {{vlan vlan-id} | {vlans vlan-range} | {interface interface slot/port}} [module num] no mac-address-table learning {{vlan vlan-id} | {vlans vlan-range} | {interface interface slot/port}} [module num] Syntax Description default (Optional) Returns to the default settings. vlan vlan-id Specifies the VLAN to apply the per-VLAN learning of all MAC addresses; valid values are from 1 to 4094. vlans vlan-range Specifies the number of the VLANs to be mapped to the specified instance; valid values are from 1 to 4094. interface Specifies per-interface based learning of all MAC addresses. interface slot/port Interface type, the slot number, and the port number. module num (Optional) Specifies the module number. Defaults If you configure a VLAN on a port in a module, all the supervisor engines and DFCs in the Catalyst 6500 series switch are enabled to learn all the MAC addresses on the specified VLAN. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. 12.(23)SXH This command was changed to allow you to enter a range of VLANs. Usage Guidelines You can use the module num keyword and argument to specify supervisor engines or DFCs only. You can use the vlan vlan-id keyword and argument on switch-port VLANs only. You cannot use the vlan vlan-id keyword and argument to configure learning on routed interfaces. You can use the interface interface slot/port keyword and arguments on routed interfaces and supervisor engines only. You cannot use the interface interface slot/port keyword and arguments to configure learning on switch-port interfaces. In releases after Cisco IOS Release 12.(23)SXH, you can enter a range of VLANS separated by a hyphen. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-366 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table learning Examples This example shows how to enable MAC-address learning on a switch-port interface on all modules: Router (config)# mac-address-table learning vlan 100 Router (config)# This example shows how to enable MAC-address learning on a range of VLANs on all modules: Router (config)# mac-address-table learning vlan 100-115,125 Router (config)# This example shows how to enable MAC-address learning on a switch-port interface on a specified module: Router (config)# mac-address-table learning vlan 100 module 4 Router (config)# This example shows how to disable MAC-address learning on a specified switch-port interface for all modules: Router (config)# no mac-address-table learning vlan 100 Router (config)# This example shows how to enable MAC-address learning on a routed interface on all modules: Router (config)# mac-address-table learning vlan 100 Router (config)# This example shows how to enable MAC-address learning on a routed interface for a specific module: Router (config)# mac-address-table learning interface FastEthernet 3/48 module 4 Router (config)# This example shows how to disable MAC-address learning for all modules on a specific routed interface: Router (config)# no mac-address-table learning interface FastEthernet 3/48 Router (config)# Related Commands Command Description show mac-address-table learning Displays the MAC-address learning state. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-367 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table limit mac-address-table limit To enable MAC limiting, use the mac-address-table limit command. To disable MAC limiting, use the no form of this command. mac-address-table limit [maximum num] [action {warning | limit | shutdown}] [notification {syslog | trap | both}] mac-address-table limit [{vlan vlan} | {interface type mod/port}] [maximum num] [action {warning | limit | shutdown}] [flood] no mac-address-table limit [vlan vlan] [maximum | action] Syntax Description Defaults maximum num (Optional) Specifies the maximum number of MAC entries per VLAN per EARL allowed; valid values are from 5 to 32000 MAC-address entries. action (Optional) Specifies the type of action to be taken when the action is violated. warning Specifies that the one syslog message will be sent and no further action will be taken when the action is violated. limit Specifies that the one syslog message will be sent and/or a corresponding trap will be generated with the MAC limit when the action is violated. shutdown Specifies that the one syslog message will be sent and/or the VLAN is moved to the blocked state when the action is violated. notification (Optional) Specifies the type of notification to be sent when the action is violated. syslog Sends a syslog message when the action is violated. trap Sends trap notifications when the action is violated. both Sends syslog and trap notifications when the action is violated. vlan vlan (Optional) Enables MAC limiting on a per-VLAN basis. interface type mod/port (Optional) Enables MAC limiting on a per-port basis. flood (Optional) Enables unknown unicast flooding on a VLAN. The defaults are as follows: • maximum num is 500 MAC address entries. • action is warning. • notification is syslog. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-368 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table limit Usage Guidelines Use this syntax for enabling MAC limiting globally: mac-address-table limit [maximum num] [action {warning | limit | shutdown}] [notification {syslog | trap | both}] Use this syntax for enabling per-VLAN MAC limiting: mac-address-table limit [vlan vlan] [maximum num] [action {warning | limit | shutdown}] [flood] Use this syntax for enabling per-port MAC limiting: mac-address-table limit [interface type mod/port] [maximum num] [action {warning | limit | shutdown}] [flood] If you enable per-VLAN MAC limiting, the per-VLAN MAC limiting supersedes the mac-address-table limit command that globally enables MAC limiting. The maximum number of MAC entries is based per VLAN and per EARL. If you do not specify a maximum, an action, or a notification, the default settings are used. If you enable per-VLAN MAC limiting, MAC limiting is enabled on the VLAN specified only. The flood keyword is supported on VLAN interfaces only. The flood action occurs only if the limit action is configured and is violated. In the shutdown state, the VLAN remains in the blocked state until you reenable it through the CLI. Examples This example shows how to enable the MAC limit globally: Router(config)# mac-address-table limit Router(config)# This example shows how to enable per-VLAN MAC limiting: Router(config)# mac-address-table limit vlan 501 maximum 50 action shutdown Router(config)# Related Commands Command Description show mac-address-table limit Displays the information about the MAC-address table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-369 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table notification mac-move mac-address-table notification mac-move To enable MAC-move notification, use the mac-address-table notification mac-move command. To disable MAC-move notification, use the no form of this command. mac-address-table notification mac-move no mac-address-table notification mac-move Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines MAC-move notification generates a syslog message whenever a MAC address or host moves between different switch ports. MAC-move notification does not generate a notification when a new MAC address is added to the CAM or when a MAC address is removed from the CAM. MAC-move notification is supported on switch ports only. Examples This example shows how to enable MAC-move notification: Router(config)# mac-address-table notification mac-move Router(config)# This example shows how to disable MAC-move notification: Router(config)# no mac-address-table notification mac-move Router(config)# Related Commands Command Description show Displays the information about the MAC-address table. mac-address-table notification mac-move Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-370 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table notification threshold mac-address-table notification threshold To enable CAM table usage monitoring notification, use the mac-address-table notification threshold command. To disable CAM table usage monitoring notification, use the no form of this command. mac-address-table notification threshold {limit percentage} {interval time} no mac-address-table notification threshold Syntax Description Defaults limit percentage Specifies the percentage of the CAM utilization; valid values are from 1 to 100 percent. interval time Specifies the time between notifications; valid values are greater than or equal to 120 seconds. The defaults are as follows: • Disabled. • percentage is 50 percent. • time is 120 seconds. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When you enable CAM table usage monitoring, the number of valid entries in the CAM table are counted and if the percentage of the CAM utilization is higher or equal to the specified threshold, a message is displayed. Examples This example shows how to enable CAM table usage monitoring notification and use the default settings: Router(config)# mac-address-table notification threshold Router(config)# This example shows how to enable CAM table usage monitoring notification and set the threshold and interval: Router(config)# mac-address-table notification threshold limit 20 interval 200 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-371 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table notification threshold This example shows how to disable CAM table usage monitoring notification: Router(config)# no mac-address-table notification threshold Router(config)# Related Commands Command Description show mac-address-table notification threshold Displays information about the MAC-address table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-372 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table static mac-address-table static To add static entries to the MAC-address table or configure a static MAC address with IGMP snooping disabled for that address, use the mac-address-table static command. See the “Usage Guidelines” section for information about the no form of this command. mac-address-table static mac-addr vlan vlan-id {interface type | drop [disable-snooping]} [dlci dlci | pvc vpi/vci] [auto-learn | disable-snooping] [protocol {ip | ipv6 | ipx | assigned}] no mac-address-table static mac-addr {vlan vlan-id} {interface type} [disable-snooping] [dlci dlci | pvc vpi/vci] Syntax Description mac-addr Address to add to the MAC-address table. vlan vlan-id Specifies the VLAN to apply the changed aging time; valid values are from 1 to 4094. interface type Specifies the interface type and module/port number. drop Drops all traffic that is received from and going to the configured MAC address in the specified VLAN. disable-snooping (Optional) Disables IGMP snooping on the multicast MAC address. dlci dlci (Optional) Specifies mapping the DLCI to this MAC address; valid values are from 16 to 1007. pvc vpi/vci (Optional) Specifies mapping the PVC to this MAC address. auto-learn (Optional) Updates the entry with the new port; see the “Usage Guidelines” section for additional information. protocol (Optional) Specifies the protocol that is associated with the entry. ip Specifies the IP protocol. ipv6 Specifies the IPv6 protocol. ipx Specifies the IPX protocol. assigned Specifies assigned protocol bucket accounts for such protocols as DECnet, Banyan VINES, and AppleTalk. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the no form of this command to do the following: • Remove entries that are profiled by the combination of specified entry information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-373 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table static • Note that IGMP snooping is not disabled for the specified address. • Remove the MAC address to a Frame Relay DLCI or ATM PVC mapping. The dlci dlci keyword and argument are valid only if Frame Relay encapsulation has been enabled on the specified interface. The pvc vpi/vci keyword and arguments are supported on ATM interfaces only. When specifying the pvc vpi/vci, you must specify both a VPI and a VCI, separated by a slash. When you install a static MAC address, it is associated with a port. If the same MAC address is seen on a different port, the entry is updated with the new port if you enter the auto-learn keyword. The output interface specified must be a Layer 2 IDB and not an SVI. The ipx keyword is not supported. You can enter up to 15 interfaces per command entered, but you can enter more interfaces by repeating the command. If you do not enter a protocol type, an entry is automatically created for each of the four protocol types. Entering the no form of this command does not remove system MAC addresses. When removing a MAC address, entering interface type is optional. For unicast entries, the entry is removed automatically. For multicast entries, if you do not specify an interface, the entire entry is removed. You can specify the selected ports to be removed by specifying the interface. The mac-address-table static mac-addr {vlan vlan-id} {interface type} disable-snooping command disables snooping on the specified static MAC entry/VLAN pair only. To reenable snooping, you must first delete the MAC address and then reinstall it using the mac-address-table static mac-addr {vlan vlan-id} {interface type} command without entering the disable-snooping keyword. The mac-address-table static mac-addr {vlan vlan-id} drop command cannot be applied to a multicast MAC address. To support multipoint bridging and other features, you must also specify the dlci dlci keyword and argument for Frame Relay interfaces or the pvc vpi/vci keyword and arguments for ATM interfaces as follows: Router(config)# mac-address-table static 000C.0203.0405 vlan 101 interface ATM6/1 pvc6/101 Router(config)# Note Examples If you omit the dlci dlci keyword and argument for Frame Relay interfaces, the MAC address is mapped to the first DLCI circuit that is configured for the specified VLAN on that interface. If you omit the pvc vpi/vci keyword and arguments for ATM interfaces, the MAC address is mapped to the first PVC circuit that is configured for the specified VLAN on that interface. To ensure that the MAC address is configured correctly, we recommend that you always use the dlci dlci and pvc vpi/vci keywords and arguments on the appropriate interfaces. This example shows how to add static entries to the MAC-address table: Router(config)# mac-address-table static 0050.3e8d.6400 vlan 100 interface fastethernet5/7 Router(config)# This example shows how to configure a static MAC address with IGMP snooping disabled for a specified address: Router(config)# mac-address-table static 0050.3e8d.6400 vlan 100 interface fastethernet5/7 disable-snooping Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-374 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table static This example shows how to add static entries to the MAC address table for an ATM PVC circuit and for a Frame Relay DLCI circuit: Router(config)# mac-address-table static 0C01.0203.0405 vlan 101 interface ATM6/1 pvc 6/101 Router(config)# mac-address-table static 0C01.0203.0406 vlan 202 interface POS4/2 dlci 200 Router(config)# Related Commands Command Description show mac-address-table Displays information about the MAC-address table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-375 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac-address-table synchronize mac-address-table synchronize To synchronize the Layer 2 MAC address table entries across the PFC and all the DFCs, use the mac-address-table synchronize command. To disable MAC address table synchronization or reset the activity timer, use the no form of this command. mac-address-table synchronize [activity-time seconds] no mac-address-table synchronize [activity-time seconds] Syntax Description activity-time seconds Defaults The default settings are as follows: (Optional) Specifies the activity timer interval: valid values are 160, 320, and 640 seconds. • Disabled. • Enabled for WS-X6708-10GE. • activity-time is 160 seconds. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines We recommend that you configure the activity time so that at least two activity times exist within the regular Layer 2 aging time (or within the aging time used for VLANs in distributed EtherChannels if this feature is used only for distributed EtherChannels). If at least two activity times do not exist within the aging time, then an error message is displayed. Examples This example shows how to specify the activity timer interval: Router(config)# mac-address-table synchronize activity-time 320 Router(config)# Related Commands Command Description show mac-address-table synchronize statistics Displays information about the MAC-address table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-376 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac packet-classify mac packet-classify To classify Layer 3 packets as Layer 2 packets, use the mac packet-classify command. To return to the default settings, use the no form of this command. mac packet-classify no mac packet-classify Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines PFC3BXL and PFC3B modes support protocol-independent MAC ACL filtering. Protocol-independent MAC ACL filtering applies MAC ACLs to all ingress traffic types (for example, IPv4 traffic, IPv6 traffic, and MPLS traffic, in addition to MAC-layer traffic). You can configure these interface types for multilayer MAC ACL QoS filtering: • VLAN interfaces without Layer 3 addresses • Physical LAN ports that are configured to support EoMPLS • Logical LAN subinterfaces that are configured to support EoMPLS The ingress traffic that is permitted or denied by a MAC ACL on an interface configured for multilayer MAC ACL QoS filtering is processed by egress interfaces as MAC-layer traffic. You cannot apply egress IP ACLs to traffic that was permitted or denied by a MAC ACL on an interface configured for multilayer MAC ACL QoS filtering. Microflow policing does not work on interfaces that have the mac packet-classify command enabled. The mac packet-classify command causes the Layer 3 packets to be classified as Layer 2 packets and disables IP classification. Traffic is classified based on 802.1Q CoS, trunk VLAN, EtherType, and MAC addresses. Examples This example shows how to classify incoming and outgoing Layer 3 packets as Layer 2 packets: Router(config-if)# mac packet-classify Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-377 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac packet-classify This example shows how to disable the classification of incoming and outgoing Layer 3 packets as Layer 2 packets: Router(config-if)# no mac packet-classify Router(config-if)# Related Commands Command Description mac packet-classify use vlan Enables VLAN-based QoS filtering in the MAC ACLs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-378 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mac packet-classify use vlan mac packet-classify use vlan To enable VLAN-based QoS filtering in the MAC ACLs, use the mac packet-classify use vlan command. To return to the default settings, use the no form of this command. mac packet-classify use vlan no mac packet-classify use vlan Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines PFC3BXL and PFC3B modes support protocol-independent MAC ACL filtering. Protocol-independent MAC ACL filtering applies MAC ACLs to all ingress traffic types (for example, IPv4 traffic, IPv6 traffic, and MPLS traffic, in addition to MAC-layer traffic). You must use the no mac packet-classify use vlan command to disable the VLAN field in the Layer 2 key if you want to apply QoS to the Layer 2 SAP-encoded packets (for example, IS-IS and IPX). QoS does not allow policing of non-ARPA Layer 2 packets (for example, IS-IS and IPX) if the VLAN field is enabled. Examples This example shows how to enable VLAN-based QoS filtering in the MAC ACLs: Router(config)# mac packet-classify use vlan Router(config) This example shows how to disable VLAN-based QoS filtering in the MAC ACLs: Router(config)# no mac packet-classify use vlan Router(config) Related Commands Command Description mac packet-classify Classifies Layer 3 packets as Layer 2 packets. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-379 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA match match To specify the match clause by selecting one or more ACLs for a VLAN access-map sequence, use the match subcommand. The match clause specifies the IP, IPX, or MAC ACLs for traffic filtering. To remove the match clause, use the no form of this command. match {ip address {acl-number | acl-name}} | {ipx address {acl-number | acl-name} | {mac address acl-name}} no match {ip address {acl-number | acl-name}} | {ipx address {acl-number | acl-name} | {mac address acl-name}} Syntax Description ip address acl-number Selects one or more IP ACLs for a VLAN access-map sequence; valid values are from 1 to 199 and from 1300 to 2699. ip address acl-name Selects an IP ACL by name. ipx address acl-number Selects one or more IPX ACLs for a VLAN access-map sequence; valid values are from 800 to 999. ipx address acl-name Selects an IPX ACL by name. mac address acl-name Selects one or more MAC ACLs for a VLAN access-map sequence. Defaults This command has no default settings. Command Modes VLAN access-map submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The match ipx address and match mac address commands are not supported for VACLs on WAN interfaces. IPX ACLs that are used in VACLs can only specify the IPX protocol type, the source network, the destination network, and the destination host address. The MAC sequence is not effective for IP or IPX packets. IP packets and IPX packets should be access controlled by IP and IPX match clauses. You cannot configure VACLs on secondary VLANs. The secondary VLAN inherits all features that are configured on the primary VLAN. These subcommands appear in the CLI help but are not supported by the PFC QoS: • match cos • match any • match class-map • match destination-address Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-380 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA match • match input-interface • match qos-group • match source-address Refer to the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY for additional configuration guidelines and restrictions. Refer to the Cisco IOS Release 12.2 Command Reference publication for additional match command information. Examples This example shows how to define a match clause for a VLAN access map: Router(config)# vlan access-map ganymede 10 Router(config-access-map)# match ip address 13 Router(config-access-map)# Related Commands Command Description action Sets the packet action clause. port access-map Creates a port access map or enters port access-map command mode. show vlan access-map Displays the contents of a VLAN-access map. vlan access-map Creates a VLAN access map or enters VLAN access-map command mode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-381 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA match protocol match protocol To configure the match criteria for a class map on the basis of the specified protocol, use the match protocol command. To remove the protocol-based match criteria from a class map, use the no form of this command. match protocol {ip | ipv6} no match protocol {ip | ipv6} Syntax Description ip Specifies protocol matching on IP packets. ipv6 Specifies protocol matching on IPv6 packets. Defaults This command has no default settings. Command Modes Class-map submode Command History 12.2(18)ZY Usage Guidelines The match protocol class-map subcommand configures NBAR and sends all traffic on the port, both ingress and egress, to be processed in the software on the PISA. Support for this command was introduced. For class-based weighted fair queueing, you define traffic classes based on match criteria including protocols, ACLs, input interfaces, QoS labels, and EXP field values. Packets satisfying the match criteria for a class constitute the traffic for that class. The match protocol command specifies the name of a protocol to be used as the match criteria against which packets are checked to determine if they belong to the class specified by the class map. To use the match protocol command, you must first enter the class-map command to specify the name of the class to which you want to establish the match criteria. If you specify more than one command in a class map, only the last command entered applies. The last command overrides the previously entered commands. This command can be used to match protocols that are known to the NBAR feature. For a list of protocols currently supported by NBAR, see the “Classification” section of the Cisco IOS Quality of Service Solutions Configuration Guide. Examples This example shows how to specify a class map called ip and configure the IP as a match criterion for it: Router(config)# class-map ip Router(config-cmap)# match protocol ip Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-382 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA maxconns (real server configuration submode) maxconns (real server configuration submode) To limit the number of active connections to the real server, use the maxconns command. To change the maximum number of connections to the default settings, use the no form of this command. maxconns number-conns no maxconns Syntax Description number-conns Defaults 0 Command Modes Real server configuration submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Maximum number of active connections on the real server at any one point in time; valid values are from 0 to 4294967295. Usage Guidelines If you do not specify the number-conns value, the default value is 0, which means that the maximum number of connections to the real server are not monitored. Examples This example shows how to limit the number of active connections to the real server: Router(config-if)# maxconns 49672 Router(config-if)# This example shows how to revert to the default settings: Router(config-if)# no maxconns Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-383 Chapter 2 maxconns (real server configuration submode) Related Commands Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA Command Description faildetect numconns Specifies the conditions that indicate a server failure. inservice (real server) Enables the real server for use by the Cisco IOS SLB feature. reassign Defines the number of consecutive number of SYNs for a new connection that will go unanswered before the connection is attempted to a different real server. retry Defines the amount of time that must elapse before a connection is attempted to a failed server. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-384 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA maximum-paths maximum-paths To control the maximum number of parallel routes that an IP routing protocol can support, use the maximum-paths command. To restore the default settings, use the no form of this command. maximum-paths maximum no maximum-paths Syntax Description maximum Defaults The defaults are as follows: Maximum number of parallel routes that an IP routing protocol installs in a routing table; valid values are from 1 to 8. • BGP has one path. • All other IP routing protocols have four paths. Command Modes Routing protocol configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to allow a maximum of two paths to a destination: Router(config-router)# maximum-paths 2 Router(config-router) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-385 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mdix auto mdix auto To enable automatic media-dependent interface with crossover detection, use the mdix auto command. To turn automatic detection off, use the no form of this command. mdix auto no mdix auto Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on the following modules only: • WS-X6748-GE-TX • WS-SUP720 (copper ports only) • WS-SUP720-10G (copper ports only) • WS-SUP32 (copper ports only) • WS-X6148A-RJ45 • WS-X6148A-GE-TX • WS-X6548-RJ45 • WS-X6548-RJ21 • WS-X6548-GE-TX • WS-X6516-GE-TX • WS-X6148-GE-TX • WS-X6148X2-RJ45 • WS-X6196-RJ21 • The copper SFP (GLC-T) and the copper GBIC (WS-G5483) also support automatic MDIX when used in one of the modules that support these tranceivers. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-386 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mdix auto Examples This example shows how to enable automatic media-dependent interface with crossover detection: Router# mdix auto Router# This example shows how to disable automatic media-dependent interface with crossover detection: Router# no mdix auto Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-387 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mdt data mdt data To configure the multicast group address range for data MDT groups, use the mdt data command. To disable this function, use the no form of this command. mdt data group-address-range wildcard-bits [threshold threshold-value] [list access-list] no mdt data group-address-range wildcard-bits [threshold threshold-value] [list access-list] Syntax Description group-address-range Multicast group address range; valid values are from 224.0.0.1 to 239.255.255.255. wildcard-bits Wildcard bits to be applied to the multicast group address range. threshold threshold-value (Optional) Defines the bandwidth threshold value; valid values are from 1 through 4294967. list access-list (Optional) Defines the access-list name or number. Defaults Disabled Command Modes VRF configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines A data MDT group can include a maximum of 256 multicast groups per VPN. Multicast groups that are used to create the data MDT group are dynamically chosen from a pool of configured IP addresses. This command configures a range of alternative multicast destination addresses for the tunnel header. The destination address chosen depends on the traffic profile (the source and destination match the specified access list and the rate of the traffic has exceeded the bandwidth threshold value). Examples This example shows how to configure the multicast group address range for data MDT groups: Router(config-vrf)# mdt data 232.0.1.0 0.0.0.255 threshold 500 list 101 Router(config-vrf)# Related Commands Command Description mdt default Configures a default MDT group for a VRF instance. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-388 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mdt default mdt default To configure a default MDT group for a VRF instance, use the mdt default command in VRF configuration mode. To disable this function, use the no form of this command. mdt default group-address no mdt default group-address Syntax Description group-address Defaults Disabled Command Modes VRF configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines IP address of the default MDT group. The default MDT group must be the same group that is configured on all provider-edge routers that belong to the same VPN. The group-address serves as an identifier for the community because provider-edge routers that are configured with the same group address become members of the group, allowing them to receive packets that are sent by each other. If you use the SSM protocol for the default MDT, the source IP address is used to source the BGP sessions. A tunnel interface is created when you enter this command. By default, the destination address of the tunnel header is the group-address argument. Examples This example shows how to configure a default MDT group for a VRF instance: Router(config-vrf)# mdt default 232.0.0.1 Router(config-vrf)# Related Commands Command Description mdt data Configures the multicast group address range for data MDT groups. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-389 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mdt log-reuse mdt log-reuse To enable the recording of data MDT reuse, use the mdt log-reuse command in VRF configuration mode. To disable this function, use the no form of this command. mdt log-reuse no mdt log-reuse Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes VRF configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The mdt log-reuse command generates a syslog message whenever a data MDT is reused. Examples This example shows how to enable the MDT log reuse function: Router(config-vrf)# mdt log-reuse Router(config-vrf)# Related Commands Command Description mdt data Configures the multicast group address range for data MDT groups. mdt default Configures a default MDT group for a VRF instance. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-390 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA media-type media-type To select the connector to use for the dual-mode uplink port, use the media-type command. To return to the default settings, use the no form of this command. media-type {rj45 | sfp} no media-type Syntax Description rj45 Uses an RJ-45 connector. sfp Uses an SFP connector. Defaults sfp Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Port 1 has a small form-factor pluggable (SFP) connector. Port 2 has an RJ-45 connector and an SFP connector. You must configure the port to use one connector or the other. Examples This example shows how to configure port 2 in slot 5 to use the RJ-45 connector: Router(config)# interface gigabitethernet 5/2 Router(config-if)# media-type rj45 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-391 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mkdir disk0: mkdir disk0: To create a new directory in a flash file system, use the mkdir disk0: command. mkdir disk0: Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is valid only on flash file systems. After you enter the mkdir disk0: command, you are prompted to enter the new directory filename. To check your entry, enter the dir command. To remove a directory, enter the rmdir command. Examples This example shows how to create a directory named newdir: Router# mkdir disk0: Create directory filename [ ]? newdir Created dir disk0: newdir Router# Related Commands Command Description cd Changes the default directory or file system. dir Displays a list of files on a file system. rmdir Removes an existing directory in a Class C flash file system. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-392 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls aclmerge algorithm mls aclmerge algorithm To select the type of ACL merge method to use, use the mls aclmerge algorithm command. mls aclmerge algorithm {bdd | odm} Syntax Description bdd Specifies the BDD-based algorithm. odm Specifies the ODM-based algorithm. Defaults bdd Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The BDD-based ACL merge uses Boolean functions to condense entries into a single merged list of TCAM entries that can be programmed into the TCAM. You cannot disable the ODM-based ACL merge on Catalyst 6500 series switches. The ODM-based ACL merge uses an order-dependent merge algorithm to process entries that can be programmed into the TCAM. Note The ODM-based ACL merge supports both security ACLs and ACLs that are used for QoS filtering. If you change the algorithm method, the change is not retroactive. For example, ACLs that have had the merge applied are not affected. The merge change applies to future merges only. Use the show fm summary command to see the status of the current merge method. Examples This example shows how to select the BDD-based ACL to process ACLs: Router(config)# mls aclmerge algorithm bdd The algorithm chosen will take effect for new ACLs which are being applied, not for already applied ACLs. Router(config) This example shows how to select the ODM-based ACL merge to process ACLs: Router(config)# mls aclmerge algorithm odm The algorithm chosen will take effect for new ACLs which are being applied, not for already applied ACLs. Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-393 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls aclmerge algorithm Related Commands Command Description show fm summary Displays a summary of feature manager information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-394 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls acl tcam default-result mls acl tcam default-result To set the default action during the ACL TCAM update, use the mls acl tcam default-result command. To return to the default settings, use the no form of this command. mls acl tcam default-result {permit | deny | bridge} no mls acl tcam default-result Syntax Description permit Permits all traffic. deny Denies all traffic. bridge Bridges all Layer 3 traffic up to the rendezvous point. Defaults deny Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines In the transition time between when an existing ACL is removed and a new ACL is applied, a default deny is programmed in the hardware. Once the new ACL has been applied completely in the hardware, the default deny is removed. Use the mls acl tcam default-result permit command to permit all traffic in the hardware or bridge all traffic to the software during the transition time. Examples This example shows how to permit all traffic to pass during the ACL TCAM update: Router(config)# mls acl tcam default-result permit Router(config)# This example shows how to deny all traffic during the ACL TCAM update: Router(config)# mls acl tcam default-result deny Router(config)# This example shows how to bridge all Layer 3 traffic up to the rendezvous point during the ACL TCAM update: Router(config)# mls acl tcam default-result bridge Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-395 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls acl tcam share-global mls acl tcam share-global To enable sharing of the global default ACLs, use the mls acl tcam share-global command. To turn off sharing of the global defaults, use the no form of this command. mls acl tcam share-global no mls acl tcam share-global Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to enable sharing of the global default ACLs: Router(config)# mls acl tcam share-global Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-396 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls aging fast mls aging fast To configure the fast-aging time for unicast entries in the Layer 3 table, use the mls aging fast command. To restore the MLS fast-aging time to the default settings, use the no form of this command. mls aging fast [{threshold packet-count} [{time seconds}]] mls aging fast [{time seconds} [{threshold packet-count}]] no mls aging fast Syntax Description Defaults threshold packet-count (Optional) Specifies the packet count of the fast-aging threshold for Layer 3 fast aging; valid values are from 1 to 128. time seconds (Optional) Specifies how often entries are checked; valid values are from 1 to 128 seconds. The defaults are as follows: • Fast aging is disabled. • If fast aging is enabled, the default packet-count value is 100 packets and the seconds default is 32 seconds. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command has no effect when you configure sampled NetFlow. You must disable sampled NetFlow to allow this command to take effect. Examples This example shows how to configure the MLS fast-aging threshold: Router(config)# mls aging fast threshold 50 Router(config)# Related Commands Command Description show mls netflow Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-397 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls aging long mls aging long To configure the long-aging time for unicast entries in the Layer 3 table, use the mls aging long command. To restore the MLS long-aging time to the default settings, use the no form of this command. mls aging long seconds no mls aging long Syntax Description seconds Defaults 1920 seconds Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Layer 3 long-aging timeout; valid values are from 64 to 1920 seconds. Usage Guidelines This command has no effect when you configure sampled NetFlow. You must disable sampled NetFlow to allow this command to take effect. Examples This example shows how to configure the MLS long-aging threshold: Router(config)# mls aging long 800 Router(config)# Related Commands Command Description show mls netflow Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-398 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls aging normal mls aging normal To configure the normal-aging time for unicast entries in the Layer 3 table, use the mls aging normal command. To restore the MLS normal-aging time to the default settings, use the no form of this command. mls aging normal seconds no mls aging normal Syntax Description seconds Defaults 300 seconds Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Normal aging timeout for Layer 3; valid values are from 32 to 4092 seconds. Usage Guidelines This command has no effect when you configure sampled NetFlow. You must disable sampled NetFlow to allow this command to take effect. Examples This example shows how to configure the MLS normal-aging threshold: Router(config)# mls aging normal 200 Router(config)# Related Commands Command Description show mls netflow Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-399 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls cef maximum-routes mls cef maximum-routes To limit the maximum number of the routes that can be programmed in the hardware allowed per protocol, use the mls cef maximum-routes command. To return to the default settings, use the no form of this command. mls cef maximum-routes {ip maximum-routes} | {ip-multicast maximum-routes} | {ipv6 maximum-routes} | {mpls maximum-routes} no mls cef maximum-routes {ip | ip-multicast | ipv6 | mpls} Syntax Description Defaults ip Specifies the maximum number of IP routes. maximum-routes Maximum number of the routes that can be programmed in the hardware allowed per protocol; see the “Usage Guidelines” section for valid values. ip-multicast Specifies the maximum number of multicast routes. ipv6 Specifies the maximum number of IPv6 routes. mpls Specifies the maximum number of MPLS labels. The defaults are as follows: • For XL-mode systems: – IPv4 unicast and MPLS—512,000 routes – IPv6 multicast/unicast and IPv4 multicast—256,000 routes • For non-XL mode systems: – IPv4 unicast and MPLS—192,000 routes – IPv6 multicast/unicast and IPv4 multicast—32,000 routes Note The size of the global Internet routing table plus any local routes might exceed the non-XL mode default partition sizes. See the “Usage Guidelines” section for additional information. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-400 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls cef maximum-routes Usage Guidelines Note If you copy a configuration file that contains the MLS CEF maximum routes into the startup-config file and reload the Catalyst 6500 series switch, the Catalyst 6500 series switch reloads after it reboots. The mls cef maximum-routes command limits the maximum number of the routes that can be programmed in the hardware. If routes are detected that exceed the limit for that protocol, an exception condition is generated. The XL and non-XL modes are based on the type of PFC module that is installed in your system. You cannot configure the mode except by the installed hardware. The Supervisor Engine 32 PISA contains a PFC3B and is considered a non-XL mode system. The valid values for max-routes are as follows: Note • IP and MPLS— Up to 239,000 routes • IP-multicast and IPv6 multicast/unicast—Up to 119,000 routes The maximum values that you are permitted to configure is not fixed but varies depending on the values that are allocated for other protocols. An example of how to enter the maximum routes argument is as follows: Router(config)# mls cef maximum-routes ip 4 where 4 is 4096 IP routes (1024 x4 = 4096). The new configurations are applied after a system reload only and do not take effect if a switchover occurs. In RPR mode, if you change and save the maximum-routes configuration, the redundant supervisor engine reloads when it becomes active from either a switchover or a system reload. The reload occurs 5 minutes after the supervisor engine becomes active. Use the show mls cef maximum-routes command to view the current maximum routes system configuration. Examples This example shows how to set the maximum number of routes that are allowed per protocol: Router(config)# mls cef maximum-routes ip 100 Router(config)# This example shows how to return to the default setting for a specific protocol: Router(config)# no mls cef maximum-routes ip Router(config)# Related Commands Command Description show mls cef maximum-routes Displays the current maximum-route system configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-401 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls cef tunnel fragment mls cef tunnel fragment To allow tunnel fragmentation, use the mls cef tunnel fragment command. To return to the default settings, use the no form of this command. mls cef tunnel fragment no mls cef tunnel fragment Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When you enable tunnel fragmentation, if the size of the packets that are going into a tunnel interface exceed the MTU, the packet is fragmented. The packets that are fragmented are reassembled at the destination point. Examples This example shows how to allow tunnel fragmentation: Router(config)# mls cef tunnel fragment Router(config)# This example shows how to return to the default setting: Router(config)# no mls cef tunnel fragment Router(config)# Related Commands Command Description show mls cef tunnel fragment Displays the operational status of tunnel fragmentation. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-402 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls erm priority mls erm priority To assign the priorities to define an order in which protocols attempt to recover from the exception status, use the mls erm priority command. To return to the default settings, use the no form of this command. mls erm priority {ipv4 value} {ipv6 value} {mpls value} no mls erm priority {ipv4} {ipv6} {mpls} Syntax Description Defaults ipv4 Prioritizes the IPv4 protocol. value Priority value; valid values are from 1 to 3. ipv6 Prioritizes the IPv6 protocol. mpls Prioritizes the MPLS protocol. The default settings are as follows: • ipv4 is 1. • ipv6 is 2. • mpls is 3. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines A lower value indicates a higher priority. When a protocol sees a FIB table exception, the protocol notifies the FIB ERM manager. The FIB ERM manager periodically polls the FIB table exception status and decides which protocol gets priority over another protocol when multiple protocols are running under the exception. Only one protocol can attempt to recover from an exception at any time. If there is sufficient FIB space, the protocol with the highest priority tries to recover first. Other protocols under the exception do not start to recover until the previous protocol completes the recovery process by reloading the appropriate FIB table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-403 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls erm priority Examples This example shows how to set the ERM exception-recovery priority: Router(config)# mls erm priority ipv4 1 ipv6 2 mpls 3 Router(config)# This example shows how to return to the default setting: Router(config)# no mls erm priority ipv4 ipv6 mpls Router(config)# Related Commands Command Description show mls cef exception Displays information about the CEF exception. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-404 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls exclude protocol mls exclude protocol To specify the interface protocol to exclude from shortcutting, use the mls exclude protocol command. To remove a prior entry, use the no form of this command. mls exclude protocol {{both | tcp | udp}{port port-number}} no mls exclude Syntax Description both Specifies both UDP and TCP. tcp Excludes TCP interfaces from shortcutting. udp Specifies UDP interfaces from shortcutting. port port-number Specifies the port number; valid values are from 1 to 65535. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to configure MLS to exclude UDP on port 69: Router(config)# mls exclude protocol udp port 69 Router(config)# Related Commands Command Description show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-405 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls exclude protocol Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-406 OL-11437-01 22 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls flow mls flow To configure the flow mask for NDE, use the mls flow command. To restore the flow mask to the default, use the no form of this command. mls flow {{ip | ipv6} {destination | destination-source | full | interface-destination-source | interface-full | source}} no mls flow {ip | ipv6} Syntax Description ip Enables the flow mask for MLS IP packets. ipv6 Enables the flow mask for MLS IPv6 packets. destination Uses the destination IP address as the key to the Layer 3 table. destination-source Uses the destination and the source IP address as the key to the Layer 3 table. full Uses the source and destination IP address, the IP protocol (UDP or TCP), and the source and destination port numbers as the keys to the Layer 3 table. interface-destination- Uses all the information in the destination and source flow mask and the source source VLAN number as the keys to the Layer 3 table. interface-full Uses all the information in the full flow mask and the source VLAN number as the keys to the Layer 3 table. source Uses all the information in the source flow mask only. Defaults The NDE flow mask is null. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command collects statistics for the supervisor engine. Examples This example shows how to set the minimum flow mask for an extended access list for MLS IP: Router(config)# mls flow ip full Router(config)# Related Commands Command Description show mls netflow Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-407 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip mls ip To enable MLS IP for the internal router on the interface, use the mls ip command. To disable MLS IP on the interface, use the no form of this command. mls ip no mls ip Syntax Description This command has no arguments or keywords. Defaults Multicast is disabled. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to enable shortcuts for MLS IP: Router(config-if)# mls ip Router(config-if)# Related Commands Command Description mls rp ip (interface configuration mode) Allows the external systems to enable MLS IP on a specified interface. show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-408 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip acl port expand mls ip acl port expand To enable ACL-specific features for Layer 4, use the mls ip acl port expand command. To disable the ACL-specific Layer 4 features, use the no form of this command. mls ip acl port expand no mls ip acl port expand Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to enable the expansion of ACL logical operations on Layer 4 ports: Router(config)# mls ip acl port expand Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-409 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip cef accounting per-prefix mls ip cef accounting per-prefix To enable MLS per-prefix accounting, use the mls ip cef accounting per-prefix command. To disable MLS per-prefix accounting, use the no form of this command mls ip cef accounting per-prefix prefix-entry prefix-entry-mask [instance-name] no mls ip cef accounting per-prefix Syntax Description prefix Prefix entry in the format A.B.C.D. prefix-entry-mask Prefix entry mask in the format A.B.C.D. instance-name (Optional) VPN routing and forwarding instance name. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Per-prefix accounting collects the adjacency counters used by the prefix. When the prefix is used for accounting, the adjacency cannot be shared with other prefixes. You can use per-prefix accounting to account for the packets sent to a specific destination. Examples This example shows how to enable MLS per-prefix accounting: Router(config)# mls ip cef accounting per-prefix 172.20.52.18 255.255.255.255 Router(config)# This example shows how to disable MLS per-prefix accounting: Router(config)# no mls ip cef accounting per-prefix Router(config)# Related Commands Command Description show mls cef ip accounting per-prefix Displays all the prefixes that are configured for the statistic collection. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-410 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip cef load-sharing mls ip cef load-sharing To configure the CEF load balancing, use the mls ip cef load-sharing command. To return to the default settings, use the no form of this command. mls ip cef load-sharing [full [exclude-port {destination | source}]] [simple] no mls ip cef load-sharing Syntax Description full (Optional) Sets the CEF load balancing to include source and destination Layer 4 ports and source and destination IP addresses (Layer 3). exclude-port destination (Optional) Excludes the destination Layer 4 ports and source and destination IP addresses (Layer 3) from the load-balancing algorithm. exclude-port source (Optional) Excludes the source Layer 4 ports and source and destination IP addresses (Layer 3) from the load-balancing algorithm. simple (Optional) Sets the CEF load balancing for single-stage load sharing. Defaults Source and destination IP address and universal identification Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The mls ip cef load-sharing command affects the IPv4, the IPv6, and the MPLS forwardings. The mls ip cef load-sharing command is structured as follows: • mls ip cef load-sharing full—Uses Layer 3 and Layer 4 information with multiple adjacencies. • mls ip cef load-sharing full simple—Uses Layer 3 and Layer 4 information without multiple adjacencies. • mls ip cef load-sharing simple—Uses Layer 3 information without multiple adjacencies. For additional guidelines, refer to the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Examples This example shows how to set load balancing to include Layer 3 and Layer 4 ports with multiple adjacencies: Router(config)# mls ip cef load-sharing full Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-411 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip cef load-sharing This example shows how to set load balancing to exclude the destination Layer 4 ports and source and destination IP addresses (Layer 3) from the load-balancing algorithm: Router(config)# mls ip cef load-sharing full exclude-port destination Router(config)# This example shows how to set load balancing to exclude the source Layer 4 ports and source and destination IP addresses (Layer 3) from the load-balancing algorithm: Router(config)# mls ip cef load-sharing full exclude-port source Router(config)# This example shows how to return to the default setting: Router(config)# no mls ip cef load-sharing Router(config)# Related Commands Command Description show mls cef ip Displays the IP entries in the MLS-hardware Layer 3-switching table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-412 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip cef rate-limit mls ip cef rate-limit To rate-limit CEF-punted data packets, use the mls ip cef rate-limit command. To disable the rate-limited CEF-punted data packets, use the no form of this command. mls ip cef rate-limit pps no mls ip cef rate-limit Syntax Description pps Defaults No rate limit is configured. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Number of data packets; valid values are from 0 to 1000000. Certain denial-of-service attacks target the route processing engines of routers. Certain packets that cannot be forwarded by the PFC are directed to the PISA for processing. Denial-of-service attacks can overload the route processing engine and cause routing instability when running dynamic routing protocols. You can use the mls ip cef rate-limit command to limit the amount of traffic that is sent to the PISA to prevent denial-of-service attacks against the route processing engine. This command rate limits all CEF-punted data packets including the following: • Data packets going to the local interface IP address • Data packets requiring ARP Setting the rate to a low value could impact the packets that are destined to the IP addresses of the local interfaces and the packets that require ARP. You should use this command to limit these packets to a normal rate and to avoid abnormal incoming rates. For additional guidelines, refer to the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Examples This example shows how to enable and set rate limiting: Router(config)# mls ip cef rate-limit 50000 Router(config)# Related Commands Command Description show mls cef ip Displays the IP entries in the MLS-hardware Layer 3-switching table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-413 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip cef rpf hw-enable-rpf-acl mls ip cef rpf hw-enable-rpf-acl To enable hardware uRPF for packets matching the deny ace when uRPF with ACL is enabled, use the mls ip cef rpf hw-enable-rpf-acl command. To disable hardware uRPF when RPF and ACL are enabled, use the no form of this command. mls ip cef rpf hw-enable-rpf-acl no mls ip cef rpf hw-enable-rpf-acl Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not enter the mls ip cef rpf hw-enable-rpf-acl command, when the uRPF with ACL is specified, packets that are permitted by the uRPF ACL are forwarded in hardware and the denied packets are sent to the PISA for the uRPF check. This command enables hardware forwarding with the uRPF check for the packets that are denied by the uRPF ACL. However in this case packets permitted by uRPF ACL are sent to the PISA for forwarding. uRPF is not supported on PVLAN host ports. Examples This example shows how to enable hardware uRPF when RPF and ACL are enabled: Router(config)# mls ip cef rpf hw-enable-rpf-acl Router(config)# This example shows how to disable hardware uRPF when RPF and ACL are enabled: Router(config)# no mls ip cef rpf hw-enable-rpf-acl Router(config)# Related Commands Command Description ip verify unicast source reachable-via {any | rx} Enables and configures RPF checks with ACL. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-414 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip cef rpf interface-group mls ip cef rpf interface-group To define an interface group in the RPF-VLAN table, use the mls ip cef rpf interface-group command. To delete the interface group, use the no form of this command. mls ip cef rpf interface-group group-number interface1 interface2 interface3 [...] no mls ip cef rpf interface-group group-number interface1 interface2 interface3 [...] Syntax Description group-number Interface group number; valid values are from 1 to 4. interface Interface number; see the “Usage Guidelines” section for formatting guidelines. ... (Optional) Additional interface numbers; see the “Usage Guidelines” section for additional information. Defaults No groups are configured. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines A single interface group contains three to six interfaces. You can configure up to four interface groups. For each interface group, the first four entries are installed in the hardware RPF-VLAN table. Enter the interface as interface-typemod/port. Separate each interface entry with a space. You do not have to include a space between the interface-type and the mod/port arguments. See the “Examples” section for a sample entry. Examples This example shows how to define an interface group: Router(config)# mls ip cef rpf interface-group 0 F2/1 F2/2 F2/3 F2/4 F2/5 F2/6 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-415 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip cef rpf multipath mls ip cef rpf multipath To configure the RPF modes, use the mls ip cef rpf multipath command. To return to the default settings, use the no form of this command. mls ip cef rpf multipath {interface-group | punt | pass} Syntax Description interface-group Disables the RPF check for packets coming from multiple path routes; see the “Usage Guidelines” section for additional information. punt Redirects the RPF-failed packets to the route processor for multiple path prefix support. pass Disables the RPF check for packets coming from multiple path routes. Defaults punt Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-group mode is similar to the pass mode but utilizes the RPF_VLAN global table for the RPF check. Packets from other multiple path prefixes always pass the RPF check. You enter the mls ip cef rpf multipath interface-group command to define an RPF_VLAN table interface group. One interface group contains from three to six interfaces, and you can configure up to four interface groups. For each interface group, the first four entries are installed in the hardware RPF_VLAN table. For the prefix that has more than three multiple paths, and all paths except two are part of that interface group, the FIB entry of that prefix uses this RPF_VLAN entry. Examples This example shows how to redirect the RPF-failed packets to the route processor for multiple path prefix support: Router(config)# mls ip cef rpf multipath interface-group Router(config)# Related Commands Command Description show mls cef ip Displays the IP entries in the MLS-hardware Layer 3-switching table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-416 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip delete-threshold mls ip delete-threshold To delete the configured ACL thresholds, use the mls ip delete-threshold command. mls ip delete-threshold acl-num Syntax Description acl-num Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Reflective ACL number; valid values are from 1 to 10000. Usage Guidelines The mls ip delete-threshold command is active only when you enable the mls ip reflexive ndr-entry tcam command. Examples This example shows how to delete an ACL threshold: Router(config)# mls ip delete-threshold 223 Router(config)# Related Commands Command Description mls ip install-threshold Installs the configured ACL thresholds. mls ip reflexive ndr-entry tcam Enables the shortcuts in TCAM for the reflexive TCP/UDP entries when installed by the NDR. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-417 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip directed-broadcast mls ip directed-broadcast To enable the hardware switching of the IP-directed broadcasts, use the mls ip directed-broadcast command. To return to the default settings, use the no form of this command. mls ip directed-broadcast {exclude-router | include-router} no mls ip directed-broadcast Syntax Description exclude-router Forwards the IP-directed broadcast packet in the hardware to all hosts in the VLAN except the router. include-router Forwards the IP-directed broadcast packet in the hardware to all hosts in the VLAN including the router. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The exclude-router and include-router keywords both support hardware switching, but exclude-router does not send a copy of the hardware-switched packets to the router. If you enter the include-router keyword, the router does not forward the IP-directed broadcast packet again. In the default mode, IP-directed broadcast packets are not forwarded in the hardware; they are handled at the process level by the PISA. The PISA decision to forward or not forward the packet is dependent on the ip directed-broadcast command configuration. There is no interaction between the ip directed-broadcast command and the mls ip directed-broadcast command. The ip directed-broadcast command involves software forwarding, and the mls ip directed-broadcast command involves hardware forwarding. MLS IP-directed broadcast supports a secondary interface address. Any packets that hit the CPU are not forwarded unless you add the ip directed-broadcast command to the same interface. You can configure the MLS IP-directed broadcasts on a port-channel interface but not on the physical interfaces on the port-channel interface. If you want to add a physical interface to a port-channel group, the physical interface cannot have the MLS IP-directed broadcast configuration. You have to first remove the configuration manually and then add the physical interface to the channel group. If a physical interface is already part of a channel group, the CLI will not accept the mls ip directed-broadcast configuration command on that physical interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-418 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip directed-broadcast Examples This example shows how to forward the IP-directed broadcast packet in the hardware to all hosts in the VLAN with the exception of the router: Router(config-if)# mls ip directed-broadcast exclude-router Router(config-if)# This example shows how to forward the IP-directed broadcast packet in the hardware to all hosts in the VLAN: Router(config-if)# mls ip directed-broadcast include-router Router(config-if)# Related Commands Command Description show mls cef adjacency Displays hardware-switched IP-directed broadcast information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-419 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip inspect mls ip inspect To permit traffic through any ACLs that would deny the traffic through other interfaces, use the mls ip inspect command. To return to the default settings, use the no form of this command. mls ip inspect acl-name no mls ip inspect acl-name Syntax Description acl-name Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. ACL name. Usage Guidelines On a Catalyst 6500 series switch, when interfaces are configured to deny traffic, the CBAC permits traffic to flow bidirectionally only through the interface that is configured with the ip inspect command. Examples This example shows how to permit the traffic through a specific ACL (named deny_ftp_c): Router(config)# mls ip inspect deny_ftp_c Router(config)# Related Commands Command Description ip inspect Applies a set of inspection rules to an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-420 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip install-threshold mls ip install-threshold To install the configured ACL thresholds, use the mls ip install-threshold command. mls ip install-threshold acl-num Syntax Description acl-num Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Reflective ACL number; valid values are from 1 to 10000. Usage Guidelines The mls ip install-threshold command is active only when you enable the mls ip reflexive ndr-entry tcam command. Examples This example shows how to install an ACL threshold: Router(config)# mls ip install-threshold 123 Router(config)# Related Commands Command Description mls ip delete-threshold Deletes configured ACL thresholds. mls ip reflexive ndr-entry tcam Enables the shortcuts in TCAM for the reflexive TCP/UDP entries when installed by the NDR. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-421 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast (global configuration mode) mls ip multicast (global configuration mode) To enable MLS IP and configure the hardware switching globally, use the mls ip multicast command. To disable MLS IP, use the no form of this command. mls ip multicast [capability] mls ip multicast [vrf name] [connected | egress local | mfd | refresh-state | shared-tree-mfd | threshold ppsec] no mls ip multicast [vrf] Syntax Description capability (Optional) Exports the information about the egress capability from the switch processor to the route processor. vrf name (Optional) Specifies the VRF name. connected (Optional) Installs the interface/mask entries for bridging directly connected sources to the internal router. egress local (Optional) Populates the multicast expansion table with local Layer 3-routed interfaces. mfd (Optional) Enables complete hardware switching. refresh-state (Optional) Refreshes the expiration time of the (S,G) entry or the (*,G) entry with NULL OIF. shared-tree-mfd (Optional) Enables the complete shortcut for (*,G) flows. threshold ppsec Defaults (Optional) Sets the minimum traffic rate; below this rate, the flow is switched in the software instead of in the hardware. Valid values are from 10 to 10000 seconds. The defaults are as follows: Command Modes • Multicast is disabled. • Hardware switching is allowed for all eligible multicast routes. • connected is enabled. • egress local is disabled. • mfd is enabled. • refresh-state is enabled. • shared-tree-mfd is enabled. Global configuration Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-422 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast (global configuration mode) Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note After you enter the mls ip multicast egress local command, you must perform a system reset for the configuration to take effect. When entering the mls ip multicast egress local command, ensure that IPv6 multicast is not enabled. Since the egress multicast replication performance enhancement feature cannot separately turn on or turn off IPv4 and IPv6, you cannot have IPv4 and IPv6 multicast enabled when this feature is turned on. These optional keywords are supported: • threshold • connected • refresh-state • shared-tree-mfd • mfd The threshold ppsec optional keyword and argument do not impact flows that are already populated in the hardware cache. The expiration time refresh is updated when flow statistics are received from the Catalyst 6500 series switch (indicating that the traffic is received from the RPF interface). Examples This example shows how to enable the MLS IP shortcuts: Router(config)# mls ip multicast Router(config)# This example shows how to enable the hardware switching on a specific multicast route: Router(config)# mls ip multicast vrf test1 Router(config)# This example shows how to export the information about egress capability from the switch processor to the route processor: Router(config)# mls ip multicast capability Router(config)# This example shows how to populate the multicast expansion table with local Layer 3-routed interfaces: Router(config)# mls ip multicast egress local Router(config)# Related Commands Command Description mls rp ip (global configuration mode) Enables external systems to establish IP shortcuts to the PISA. show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-423 Chapter 2 mls ip multicast (interface configuration mode) Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast (interface configuration mode) To enable MLS IP shortcuts on the interface, use the mls ip multicast command. To disable MLS IP shortcuts on the interface, use the no form of this command. mls ip multicast no mls ip multicast Syntax Description This command has no arguments or keywords. Defaults Multicast is disabled. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to enable the MLS IP shortcuts: Router(config-if)# mls ip multicast Router(config-if)# Related Commands Command Description show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-424 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast bidir gm-scan-interval mls ip multicast bidir gm-scan-interval To set the RPF scan interval for the Bidir rendezvous point, use the mls ip multicast bidir gm-scan-interval command. To disable the RPF scan interval for the Bidir rendezvous point, use the no form of this command. mls ip multicast bidir gm-scan-interval interval no mls ip multicast bidir gm-scan-interval Syntax Description interval Defaults 10 seconds Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. RPF scan interval for the Bidir rendezvous point; valid values are from 1 to 1000 seconds. Usage Guidelines When you set the RPF scan interval for the Bidir rendezvous point, you set the time that the periodic scan timer updates the RPF in the DF table for all Bidir rendezvous points in the hardware. Examples This example shows how to set the RPF scan interval for the Bidir rendezvous point: Router(config)# mls ip multicast bidir gm-scan-interval 30 Router(config)# Related Commands Command Description show mls ip multicast bidir Displays the Bidir hardware-switched entries. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-425 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast connected mls ip multicast connected To enable the downloading of directly connected subnets globally, use the mls ip multicast connected command. To disable the downloading of directly connected subnets globally, use the no form of this command. mls ip multicast connected no mls ip multicast connected Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Do not create directly connected subnets for the following cases: • To make more room available in the FIB TCAM • The switch is the first-hop router for a source • The entries are for Bidir, SSM, and DM mode groups In these cases, if you enable the downloading of directly connected subnets, the directly connected source hits the MMLS (*,G) entry and is switched using the MMLS (*,G) entry. The registers are not sent to the route processor (in the case of PIM-SM), and the (S,G) state is not created on the first hop (in the case of PIM-DM). The subnet entry is installed in the TCAM entries with a shorter mask to catch directly connected sources before they hit such entries. You can punt traffic from directly connected sources to the PISA. Once the PISA sees this traffic, it can install an MMLS (S,G) entry for this source, which gets installed before the subnet entry in the TCAM. New packets from this source are now switched with the (S,G) entry. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-426 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast connected Examples This example shows how to enable the downloading of directly connected subnets: Router(config)# mls ip multicast connected Router(config)# Related Commands Command Description mls ip multicast (global configuration mode) Enables MLS IP and configures the hardware switching globally. show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-427 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast consistency-check mls ip multicast consistency-check To enable and configure the hardware-shortcut consistency checker, use the mls ip multicast consistency-check command. To disable the consistency checkers, use the no form of this command. mls ip multicast consistency-check [{settle-time seconds} | {type scan-mroute [count count-number] | {settle-time seconds}} | {period seconds}] no mls ip multicast consistency-check Syntax Description Defaults settle-time seconds (Optional) Specifies the settle time for entry/oif for the consistency checker; valid values are from 2 to 3600 seconds. type scan-mroute (Optional) Specifies the type of consistency check as a scan check of the mroute table. count count-number (Optional) Specifies the maximum number of prefixes to check per scan; valid values are from 2 to 500. period seconds (Optional) Specifies the period between scans; valid values are from 2 to 3600 seconds. The defaults are as follows: • Consistency check is enabled. • count count-number is 20. • period seconds is 2 seconds. • settle-time seconds is 60 seconds. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The oif entry is the outgoing interface of a multicast {*,G} or {source, group} flow. The consistency checker scans the mroute table and assures that the multicast-hardware entries are consistent with the mroute table. Whenever an inconsistency is detected, the inconsistency is automatically corrected. To display the inconsistency error, use the show mls ip multicast consistency-check command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-428 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast consistency-check Examples This example shows how to enable the hardware-shortcut consistency checker: Router (config)# mls ip multicast consistency-check Router (config)# This example shows how to enable the hardware-shortcut consistency checker and configure the scan check of the mroute table: Router (config)# mls ip multicast consistency-check type scan-mroute count 20 period 35 Router (config)# This example shows how to enable the hardware-shortcut consistency checker and specify the period between scans: Router (config)# mls ip multicast consistency-check type scan-mroute period 35 Router (config)# Related Commands Command Description show mls ip multicast consistency-check Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-429 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast flow-stat-timer mls ip multicast flow-stat-timer To set the time interval between two consecutive batches of flow-statistics messages from the switch processor to the route processor, use the mls ip multicast flow-stat-timer command. To return to the default settings, use the no form of this command. mls ip multicast flow-stat-timer num no mls ip multicast flow-stat-timer Syntax Description num Defaults 25 seconds Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples Time interval between two consecutive batches of flow-statistics messages from the switch processor to the route processor. This example shows how to configure the time interval between two consecutive batches of flow-statistics messages from the switch processor to the route processor: Router (config)# mls ip multicast flow-stat-timer 10 Router (config)# Related Commands Command Description show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-430 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast replication-mode mls ip multicast replication-mode To enable and specify the replication mode, use the mls ip multicast replication-mode command. To restore the system to automatic detection mode, use the no form of this command. mls ip multicast replication-mode {egress | ingress} no mls ip multicast replication-mode {egress | ingress} Syntax Description egress Forces the system to the egress mode of replication. ingress Forces the system to the ingress mode of replication. Defaults ingress Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note The Supervisor Engine 32 PISA does not support the egress keyword. During the change from egress- to ingress-replication mode, traffic interruptions may occur because the shortcuts are purged and reinstalled. To avoid interruptions in traffic forwarding, enter the mls ip multicast replication-mode ingress command. If you enter the no mls ip multicast replication-mode ingress command, only the forced-ingress mode resets Examples This example shows how to enable the ingress-replication mode: Router (config)# mls ip multicast replication-mode ingress Router (config)# Related Commands Command Description show mls ip multicast capability Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-431 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast sso mls ip multicast sso To configure the SSO parameters, use the mls ip multicast sso command. To return to the default settings, use the no form of this command. mls ip multicast sso {{convergence-time time} | {leak interval} | {leak percentage}} Syntax Description Defaults convergence-time time Specifies the maximum time to wait for protocol convergence; valid values are from 0 to 3600 seconds. leak interval Specifies the packet-leak interval; valid values are from 0 to 3600 seconds. leak percentage Specifies the percentage of multicast packets leaked to the router during switchover so that protocol convergence can take place; valid values are from 1 to 100 percent. The defaults are as follows: • convergence-time time—20 seconds • leak interval—60 seconds • leak percentage—10 percent Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to set the maximum time to wait for protocol convergence: Router (config)# mls ip multicast sso convergence-time 300 Router (config)# This example shows how to set the packet-leak interval: Router (config)# mls ip multicast sso leak 200 Router (config)# This example shows how to set the packet-leak percentage: Router (config)# mls ip multicast sso leak 55 Router (config)# Related Commands Command Description show mls ip multicast sso Displays information about multicast high-availability SSO. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-432 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast stub mls ip multicast stub To enable the support for non-RPF traffic drops for PIM sparse-mode stub networks, use the mls ip multicast stub command. To disable support for non-RPF traffic drops for PIM sparse-mode stub networks, use the no form of this command. mls ip multicast stub no mls ip multicast stub Syntax Description This command has no arguments or keywords. Defaults Multicast is disabled. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The mls ip multicast stub command, creates the following filters on a routed interface or a VLAN: • Permits IP packets from all addresses that are connected to the interface to any IP destination. An address is connected to the interface if it is within the IP address prefixes configured through the ip address addr mask [secondary] command. This filter is meant to permit unicast and multicast packets from directly connected sources. • Permits IP multicast packets from any source address to multicast group prefixes 224.0.0.0/24 and 224.0.1.0/24. This filter allows packets to be sent from any source address to well-known multicast addresses; 224.0.0.0/24 is used by protocols such as PIM, OSPF, EIGRP, or NTP. Addresses in 224.0.1.0/24 are used by protocols such as AutoRP (224.0.1.39, 224.0.1.40). • Denies any other IP multicast packets. This deny filter is meant to inhibit any multicast packets from nondirectly connected sources and is applied to the packets received on this interface or VLAN. The permit IP multicast packets and the deny any other IP multicast packets filters are the same for all interface or VLANs to which you configure the mls ip multicast stub command. The permit IP packets from all addresses that are connected to the interface to any IP destination filter is different for each interface or VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-433 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast stub Examples This example shows how to enable the support for the non-RPF traffic drops for the PIM sparse-mode stub networks: Router(config-if)# mls ip multicast stub Router(config-if)# Related Commands Command Description show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-434 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip multicast threshold mls ip multicast threshold To configure a threshold rate for installing hardware shortcuts, use the mls ip multicast threshold command. To deconfigure the threshold, use the no form of this command. mls ip multicast threshold ppsec no mls ip multicast threshold Syntax Description ppsec Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Threshold in packets per seconds; valid values are from 10 to 10000 packets per second. Use this command to prevent creation of MLS entries for short-lived multicast flows such as join requests. If multicast traffic drops below the configured multicast rate threshold, all multicast traffic is routed by the PISA. This command does not affect already installed routes. For example, if you enter this command and the shortcuts are already installed, the shortcuts are not removed if they are disqualified. To apply the threshold to existing routes, clear the route and let it reestablish. Examples This example shows how to configure the IP MLS threshold to 10 packets per second: Router (config)# mls ip multicast threshold 10 Router (config)# Related Commands Command Description mls rp ip (global configuration mode) Enables external systems to establish IP shortcuts to the PISA. show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-435 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip nat netflow-frag-l4-zero mls ip nat netflow-frag-l4-zero To zero out the Layer 4 information in the NetFlow lookup table for fragmented packets, use the mls ip nat netflow-frag-l4-zero command. mls ip nat netflow-frag-l4-zero Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported in PFC3BXL or PFC3B mode only. U se the mls ip nat netflow-frag-l4-zero command to prevent matching the first fragment to the NetFlow shortcut (normal operation) that is sent to the software. The next fragments that are sent to the software are translated based on the Layer 4 port information from the first fragment. The translation based on the Layer 4 port information from the first fragment occurs because there are no fragment bits for matching in the NetFlow key. When there is a large feature configuration on an interface that requires a large number of ACL TCAM entries/masks that are programmed in TCAM, if the interface is configured as a NAT-inside interface, the feature configuration may not fit in the ACL TCAM and the traffic on the interface may get switched in the software. Examples This example shows how to zero out the Layer 4 information in the NetFlow lookup table for fragmented packets: Router (config)# mls ip nat netflow-frag-l4-zero Router (config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-436 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip pbr mls ip pbr To enable the MLS support for policy-routed packets, use the mls ip pbr command. To disable the MLS support for policy-routed packets, use the no form of this command. mls ip pbr [null0] no mls ip pbr Syntax Description null0 Defaults MLS support for policy-routed packets is disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) Enables the hardware support for the interface null0 in the route maps. Usage Guidelines Note Do not enable PBR and SLB on the same interface; PBR-based packets are not forwarded correctly. When you enable the hardware-policy routing by entering the mls ip pbr command, all policy routing occurs in the hardware and is applied to all interfaces, regardless of which interface was configured for policy routing. Use the null0 keyword when you have routed traffic only to enable the hardware support for the set interface null0 in the route maps. Examples This example shows how to enable the MLS support for policy-routed packets: Router(config)# mls ip pbr Router(config)# Related Commands Command Description show tcam interface vlan acl Displays information about the interface-based TCAM. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-437 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ip reflexive ndr-entry tcam mls ip reflexive ndr-entry tcam To enable the shortcuts in TCAM for the reflexive TCP/UDP entries when installed by the NDR, use the mls ip reflexive ndr-entry tcam command. To disable the shortcuts in TCAM for the reflexive TCP/UDP entries when installed by the NDR, use the no form of this command. mls ip reflexive ndr-entry tcam no mls ip reflexive ndr-entry tcam Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When you enter the mls ip reflexive ndr-entry tcam command, the reflexive ACL dynamic entries are installed in TCAM instead of in NetFlow. Examples This example shows how to enable the shortcuts in TCAM for the reflexive TCP/UDP entries when installed by the NDR: Router(config)# mls ip reflexive ndr-entry tcam Router(config)# This example shows how to disable the shortcuts in TCAM for the reflexive TCP/UDP entries when installed by the NDR: Router(config)# no mls ip reflexive ndr-entry tcam Router(config)# Related Commands Command Description mls ip delete-threshold Deletes the configured ACL thresholds. mls ip install-threshold Installs the configured ACL thresholds. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-438 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ipv6 acl compress address unicast mls ipv6 acl compress address unicast To turn on the compression of IPv6 addresses, use the mls ipv6 acl compress address unicast command. To turn off the compression of IPv6 addresses, use the no form of this command. mls ipv6 acl compress address unicast no mls ipv6 acl compress address unicast Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Caution Do not enable the compression mode if you have noncompressible address types in your network. A list of compressible address types and the address compression methosd are listed in Table 2-15. Table 2-15 Compressible Address Types and Methods Address Type Compression Method EUI-64 based on MAC address This address is compressed by removing 16 bits from bit locations [39:24]. No information is lost when the hardware compresses these addresses. Embedded IPv4 address This address is compressed by removing the upper 16 bits. No information is lost when the hardware compresses these addresses. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-439 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ipv6 acl compress address unicast Table 2-15 Compressible Address Types and Methods (continued) Examples Address Type Compression Method Link Local These addresses are compressed by removing the zeros in bits [95:80] and are identified using the same packet type as the embedded IPv4 address. No information is lost when the hardware compresses these addresses. Others If the IPv6 address does not fall into any of the above categories, it is classified as other. If the IPv6 address is classified as other, the following occurs: • If the compress mode is on, the IPv6 address is compressed similarly to the EUI-64 compression method (removal of bits [39:24]) to allow for the Layer 4 port information to be used as part of the key used to look up the QoS TCAM, but Layer 3 information is lost. • If the global compression mode is off, the entire 128 bits of the IPv6 address are used. The Layer 4 port information cannot be included in the key to look up the QoS TCAM because of the size constraints on the IPv6 lookup key. This example shows how to turn on the compression of the noncompressible IPv6 addresses: Router(config)# mls ipv6 acl compress address unicast Router(config)# This example shows how to turn off the compression of the noncompressible IPv6 addresses: Router(config)# no mls ipv6 acl compress address unicast Router(config)# Related Commands Command Description show fm ipv6 traffic-filter Displays the IPv6 information. show mls netflow ipv6 Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-440 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls ipv6 acl source mls ipv6 acl source To deny all IPv6 packets from a source-specific address, use the mls ipv6 acl source command. To accept all IPv6 packets from a source-specific address, use the no form of this command. mls ipv6 acl source {loopback | multicast} no mls ipv6 acl source {loopback | multicast} Syntax Description loopback Denies all IPv6 packets with a source loopback address. multicast Denies all IPv6 packets with a source multicast address. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to deny all IPv6 packets with a source loopback address: Router(config)# mls ipv6 acl source loopback Router(config)# This example shows how to deny all IPv6 packets with a source multicast address: Router(config)# no mls ipv6 acl source multicast Router(config)# Related Commands Command Description show mls netflow ipv6 Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-441 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls mpls (recirculation) mls mpls (recirculation) To enable MPLS recirculation, use the mls mpls command. To disable MPLS recirculation, use the no form of this command. mls mpls {recir-agg | tunnel-recir} no mls mpls {recir-agg | tunnel-recir} Syntax Description recir-agg Recirculates the MPLS aggregated-label packets (new aggregated labels are impacted only). tunnel-recir Recirculates the tunnel-MPLS packets. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not enable tunnel-MPLS recirculation, the IPv4 and IPv4-tunneled packets that need to be labeled (for example, the packets that are encapsulated with an MPLS header) will be corrupted when they are transmitted from the Catalyst 6500 series switch. Use the show erm statistics command to display the FIB TCAM exception status for IPv4, IPv6, and MPLS protocols. Examples This example shows how to enable the aggregated-label MPLS recirculation: Router(config)# mls mpls recir-agg Router(config)# This example shows how to enable the tunnel-MPLS recirculation: Router(config)# mls mpls tunnel-recir Router(config)# This example shows how to disable the aggregated-label MPLS recirculation: Router(config)# no mls mpls recir-agg Router(config)# This example shows how to disable the tunnel-MPLS recirculation: Router(config)# no mls mpls tunnel-recir Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-442 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls mpls (recirculation) Related Commands Command Description show erm statistics Displays the FIB TCAM exception status for IPv4, IPv6, and MPLS protocols. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-443 Chapter 2 mls mpls (guaranteed bandwidth traffic engineering) Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls mpls (guaranteed bandwidth traffic engineering) To configure the guaranteed bandwidth traffic engineering flow parameters globally, use the mls mpls command. To return to the default settings, use the no form of this command. mls mpls {{gb-te-burst burst} | {gb-te-cir-ratio ratio} | {gb-te-dscp dscp-value [markdown]} | {gb-te-enable [global-pool]}} no mls mpls {{gb-te-burst burst} | {gb-te-cir-ratio ratio} | {gb-te-dscp dscp-value [markdown]} | {gb-te-enable [global-pool]}} Syntax Description Defaults gb-te-burst burst Specifies the burst duration for the guaranteed bandwidth traffic engineering flows; valid values are from 100 to 30000 milliseconds. gb-te-cir-ratio ratio Specifies the ratio for the committed information rate policing; valid values are from 1 to 100 percent. gb-te-dscp dscp-value Specifies the DSCP map for the guaranteed bandwidth traffic engineering flows; valid values are from 0 to 63. markdown (Optional) Marks down or drops the nonconforming flows. gb-te-enable Enables the guaranteed bandwidth traffic engineering flow policing. global-pool (Optional) Specifies using resources allocated from the global pool to the police traffic engineering flows. The default settings are as follows: • burst is 1000 milliseconds. • ratio is 1 percent. • dscp-value is 40. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the mls qos map dscp-exp command to reset the Exp value of the MPLS packet when the out-label gets swapped. If you do not enable tunnel-MPLS recirculation, the IPv4 and IPv4-tunneled packets that need to be labeled (for example, the packets that are encapsulated with an MPLS header) will be corrupted when they are transmitted from the Catalyst 6500 series switch. Use the show erm statistics command to display the FIB TCAM exception status for IPv4, IPv6, and MPLS protocols. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-444 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls mpls (guaranteed bandwidth traffic engineering) Examples This example shows how to specify the burst duration for the guaranteed bandwidth traffic engineering flows: Router(config)# mls mpls gb-te-burst 2000 Router(config)# This example shows how to specify the ratio for CIR policing: Router(config)# mls mpls gb-te-ratio 30 Router(config)# This example shows how to specify the DSCP map for the guaranteed bandwidth traffic engineering flows and to drop the nonconforming flows: Router(config)# mls mpls gb-te-dscp 25 markdown Router(config)# This example shows how to enable the guaranteed bandwidth traffic engineering flow policing: Router(config)# mls mpls gb-te-enable Router(config)# Related Commands Command Description show erm statistics Displays the FIB TCAM exception status for IPv4, IPv6, and MPLS protocols. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-445 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls nde flow mls nde flow To specify the filter options for NDE, use the mls nde flow command. To clear the NDE flow filter and reset the filter to the default settings, use the no form of this command. mls nde flow {include | exclude} {{dest-port port-num} | {destination ip-addr ip-mask} | {protocol {tcp | udp}} | {source ip-addr ip-mask} | {src-port port-num}} no mls nde flow {include | exclude} Syntax Description Defaults include Allows importing of all flows except the flows matching the given filter. exclude Allows exporting of all flows matching the given filter. dest-port port-num Specifies the destination port to filter; valid values are from 1 to 100. destination ip-addr ip-mask Specifies a destination IP address and mask to filter. protocol Specifies the protocol to include or exclude. tcp Includes or excludes TCP. udp Includes or excludes UDP. source ip-addr ip-mask Specifies a source IP address and subnet mask bit to filter. src-port port-num Specifies the source port to filter. The defaults are as follows: • All expired flows are imported. • Interface export is disabled (no mls nde interface). Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The mls nde flow command adds filtering to the NDE. The expired flows matching the specified criteria are exported. These values are stored in NVRAM and do not clear when NDE is disabled. If any option is not specified in this command, it is treated as a wildcard. The NDE filter in NVRAM does not clear when you disable NDE. Only one filter can be active at a time. If you do not enter the exclude or include keyword, the filter is assumed to be an inclusion filter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-446 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls nde flow The include and exclude filters are stored in NVRAM and are not removed if you disable NDE. ip-addr maskbits is the simplified long subnet address format. The mask bits specify the number of bits of the network masks. For example, 172.25.2.1/22 indicates a 22-bit subnet address. The ip-addr is a full host address, such as 193.22.253.1/22. Examples This example shows how to specify an interface flow filter so that only expired flows to destination port 23 are exported (assuming that the flow mask is set to ip-flow): Router(config)# mls nde flow include dest-port 23 Router(config)# Related Commands Command Description show mls netflow Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-447 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls nde interface mls nde interface To populate the additional fields in the NDE packets, use the mls nde interface command. To disable the population of the additional fields, use the no form of this command. mls nde interface no mls nde interface Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You can configure NDE to populate the following additional fields in the NDE packets: • Egress interface SNMP index • Source-autonomous system number • Destination-autonomous system number • IP address of the next-hop router The ingress-interface SNMP index is always populated if the flow mask is interface-full or interface-src-dst. For detailed information, refer to the “Configuring NDE” chapter of the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-448 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls nde interface Examples This example shows how to populate the additional fields in the NDE packets: Router(config)# mls nde interface Router(config)# This example shows how to disable the population of the additional fields: Router(config)# no mls nde interface Router(config)# Related Commands Command Description mls netflow Enables NetFlow to gather statistics. mls netflow sampling Enables the sampled NetFlow on an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-449 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls nde sender mls nde sender To enable MLS NDE export, use the mls nde sender command. To disable MLS NDE export, use the no form of this command. mls nde sender [version version] no mls nde sender Syntax Description version version Defaults The defaults are as follows: (Optional) Specifies the NDE version; valid values are 5 and 7. • MLS NDE export is disabled. • version is 7. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to enable MLS NDE export: Router(config)# mls nde sender Router(config)# This example shows how to disable MLS NDE export: Router(config)# no mls nde sender Router(config)# Related Commands Command Description show mls nde Displays information about the NDE hardware-switched flow. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-450 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls netflow mls netflow To enable NetFlow to gather the statistics, use the mls netflow command. To disable NetFlow from gathering the statistics, use the no form of this command. mls netflow no mls netflow Syntax Description interface Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Specifies statistics gathering per interface. NetFlow gathers the statistics from traffic that flows through the Catalyst 6500 series switch and stores the statistics in the NetFlow table. You can gather the statistics globally based on a protocol or optionally per interface. If you are not using NDE or the Cisco IOS features that use the hardware NetFlow table (micro-flow QoS, WCCP, TCP Intercept, or Reflexive ACLs), you may safely disable the use and maintenance of the hardware NetFlow table using the no mls netflow command in global configuration mode. Examples This example shows how to gather the statistics: Router(config)# mls netflow Router(config)# This example shows how to disable NetFlow from gathering the statistics: Router(config)# no mls netflow Disabling MLS netflow entry creation. Router(config)# Related Commands Command Description show mls netflow Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-451 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls netflow maximum-flows mls netflow maximum-flows To configure the maximum flow allocation in the NetFlow table, use the mls netflow maximum-flows command. To return to the default settings, use the no form of this command. mls netflow maximum-flows [maximum-flows] no mls netflow maximum-flows Syntax Description maximum-flows Defaults 128 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) Maximum number of flows; valid values are 16, 32, 64, 80, 96, and 128. See the “Usage Guidelines” section for additional information. Usage Guidelines The value that you specify for the maximum number of flows is that value times 1000. For example, if you enter 32, you specify that 32,000 is the maximum number of permitted flows. Examples This example shows how to configure the maximum flow allocation in the NetFlow table: Router(config)# mls netflow maximum-flows 96 Router(config)# This example shows how to return to the default setting: Router(config)# no mls netflow maximum-flows Router(config)# Related Commands Command Description show mls netflow table-contention Displays configuration information at the table contention level for the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-452 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls netflow sampling mls netflow sampling To enable the sampled NetFlow on an interface, use the mls netflow sampling command. To disable the sampled NetFlow, use the no form of this command. mls netflow sampling no mls netflow sampling Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines To enable sampling, you must enter the mls sampling command and the mls netflow sampling command on the appropriate interfaces. If you do not enter the mls netflow sampling command, NDE will not export flows. Depending on the current flow mask, the sampled NetFlow can be global or per interface. For Interface-Full and Interface-Src-Dest flow masks, the sampled NetFlow is enabled on a per-interface basis. For all the other flow masks, the sampled NetFlow is always global and turned on/off for all interfaces. Enter the mls sampling command to enable the sampled NetFlow globally. Examples This example shows how to enable the sampled NetFlow on an interface: Router(config-if)# mls netflow sampling Router(config-if)# This example shows how to disable the sampled NetFlow on an interface: Router(config-if)# no mls netflow sampling Router(config-if)# Related Commands Command Description mls sampling Enables the sampled NetFlow and specifies the sampling method. show mls sampling Displays information about the sampled NDE status. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-453 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls netflow usage notify mls netflow usage notify To monitor the NetFlow table usage on the switch processor, use the mls netflow usage notify command. To return to the default settings, use the no form of this command. mls netflow usage notify {threshold interval} no mls netflow usage notify Syntax Description threshold Percentage threshold that, if exceeded, displays a warning message; valid values are from 20 to 100 percent. interval Frequency that the NetFlow table usage is checked; valid values are from 120 to 1000000 seconds. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If the NetFlow table usage monitoring is enabled and the NetFlow table usage exceeds the percentage threshold, a warning message is displayed. NetFlow gathers statistics from traffic that flows through the Catalyst 6500 series switch and stores the statistics in the NetFlow table. You can gather statistics globally based on a protocol or optionally per interface. If you are not using NDE or the Cisco IOS features that use the hardware NetFlow table (micro-flow QoS, WCCP, TCP Intercept, or Reflexive ACLs), you may safely disable the use and maintenance of the hardware NetFlow table using the no mls netflow command in global configuration mode. Examples This example shows how to configure the monitoring of the NetFlow table usage on the switch processor: Router(config)# mls netflow usage notify 80 300 Router(config)# Related Commands Command Description show mls netflow usage Displays configuration information about the NetFlow hardware. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-454 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos (global configuration mode) mls qos (global configuration mode) To enable the QoS functionality globally, use the mls qos command. To disable the QoS functionality globally, use the no form of this command. mls qos no mls qos Syntax Description This command has no arguments or keywords. Defaults QoS is globally disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you enable QoS globally, QoS is enabled on all interfaces with the exception of the interfaces where you disabled QoS. If you disable QoS globally, all traffic is passed in QoS pass-through mode. In port-queueing mode, PFC QoS (marking and policing) is disabled, and packet ToS and CoS are not changed by the PFC. All queueing on rcv and xmt is based on a QoS tag in the incoming packet, which is based on the incoming CoS. For 802.1Q or ISL-encapsulated port links, queueing is based on the packet 802.1Q or ISL CoS. For the router main interfaces or access ports, queueing is based on the configured per-port CoS (the default CoS is 0). This command enables or disables TCAM QoS on all interfaces that are set in the OFF state. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-455 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos (global configuration mode) Examples This example shows how to enable QoS globally: Router(config)# mls qos Router(config)# This example shows how to disable QoS globally on the Catalyst 6500 series switch: Router(config)# no mls qos Router(config)# Related Commands Command Description mls qos (interface configuration mode) Enables the QoS functionality on an interface. show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-456 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos (interface configuration mode) mls qos (interface configuration mode) To enable the QoS functionality on an interface, use the mls qos command. To disable QoS functionality on an interface, use the no form of this command. mls qos no mls qos Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Although the CLI allows you to configure PFC-based QoS on the WAN ports on the OC-12 ATM OSMs and on the WAN ports on the channelized OSMs, PFC-based QoS is not supported on the WAN ports on these OSMs. If you disable QoS globally, it is also disabled on all interfaces. This command enables or disables TCAM QoS (classification, marking, and policing) for the interface. Examples This example shows how to enable QoS on an interface: Router(config-if)# mls qos Router(config-if)# Related Commands Command Description mls qos (global configuration mode) Enables the QoS functionality globally. show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-457 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos aggregate-policer mls qos aggregate-policer To define a named aggregate policer for use in policy maps, use the mls qos aggregate-policer command. This policer can be shared by different policy map classes and on different interfaces. To delete a named aggregate policer, use the no form of this command. mls qos aggregate-policer name rate-bps mls qos aggregate-policer name rate-bps burst-bytes maximum-burst-bytes mls qos aggregate-policer name rate-bps [{conform-action {drop [exceed-action action]}} | {set-dscp-transmit [new-dscp]} | {set-prec-transmit [new-precedence]} | {transmit [{exceed-action action} | {violate-action action]}} mls qos aggregate-policer aggregate-name rate-bps {pir peak-rate-bps [{conform-action {drop [exceed-action action]}} | {set-dscp-transmit [new-dscp]} | {set-prec-transmit [new-precedence]} | {transmit [{exceed-action action}} | {violate-action action}]]} no mls qos aggregate-policer name Syntax Description Defaults name Name of the aggregate policer. rate-bps Maximum bits per second; valid values are from 32000 to 10000000000. burst-bytes Burst bytes; valid values are from 1000 to 31250000. maximum-burst-bytes Maximum burst bytes; valid values are from 1000 to 31250000 (if entered, must be set equal to normal-burst-bytes). conform-action (Optional) Specifies the action to be taken when the rate is not exceeded. drop (Optional) Drops the packet. exceed-action action (Optional) Specifies the action to be taken when QoS values are exceeded; see the “Usage Guidelines” section for valid values. set-dscp-transmit Sets the DSCP value and sends the packet. new-dscp (Optional) New DSCP value; valid values are from 0 to 63. set-prec-transmit Rewrites packet precedence and sends the packet. new-precedence (Optional) New precedence value; valid values are from 0 to 7. violate-action action (Optional) Specifies the action to be taken when QoS values are violated; see the “Usage Guidelines” section for valid values. pir peak-rate-bps Sets the PIR peak rate; valid values are from 32000 to 10000000000. The defaults are as follows: • extended-burst-bytes is equal to burst-bytes. • conform-action is transmit. • exceed-action is drop. • violate-action is equal to the exceed-action. • pir peak-rate-bps is equal to the normal (cir) rate. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-458 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos aggregate-policer Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Valid values for action are as follows: • drop—Drops the packet • policed-dscp-transmit—Changes the DSCP per the policed-DSCP map and sends it • transmit—Transmits the package The Catalyst 6500 series switch supports up to 1023 aggregates and 1023 policing rules. The mls qos aggregate-policer command allows you to configure an aggregate flow and a policing rule for that aggregate. When you enter the rate and burst parameters, the range for the average rate is 32 Kbps to 4 Gbps (entered as 32000 and 4000000000) and the range for the burst size is 1 KB (entered as 1000) to 512 MB (entered as 512000000). Modifying an existing aggregate rate limit entry causes that entry to be modified in NVRAM and in the Catalyst 6500 series switch if that entry is currently being used. Note Due to hardware granularity, the rate value is limited so the burst that you configure may not be the value that is used. Modifying an existing microflow or aggregate rate limit modifies that entry in NVRAM and in the Catalyst 6500 series switch if it is currently being used. When you enter the aggregate policer name, follow these naming conventions: Examples • Maximum of 31 characters and may include a-z, A-Z, 0-9, the dash character (-), the underscore character (_), and the period character (.) • Must start with an alphabetic character and must be unique across all ACLs of all types • Case sensitive • Cannot be a number • Must not be a keyword; keywords to avoid are all, default-action, map, help, and editbuffer This example shows how to configure a QoS aggregate policer to allow a maximum of 100000 bits per second with a normal burst byte size of 10000, set DSCP to 48 when these rates are not exceeded, and drop packets when these rates are exceeded: Router(config)# mls qos aggregate-policer micro-one 100000 10000 conform-action set-dscp 48 exceed action drop Router(config)# Related Commands Command Description set ip dscp (policy-map Marks a packet by setting the IP DSCP in the ToS byte. configuration) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-459 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos bridged mls qos bridged To enable the microflow policing for bridged traffic on Layer 3 LAN interfaces, use the mls qos bridged command. To disable microflow policing for bridged traffic, use the no form of this command. mls qos bridged no mls qos bridged Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on SVIs only. Examples This example shows how to enable the microflow policing for bridged traffic on a VLAN interface: Router(config-if)# mls qos bridged Router(config-if)# Related Commands Command Description show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-460 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos channel-consistency mls qos channel-consistency To enable the QoS-port attribute checks on EtherChannel bundling, use the mls qos channel-consistency command. To disable the QoS-port attribute checks on EtherChannel bundling, use the no form of this command. mls qos channel-consistency no mls qos channel-consistency Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The mls qos channel-consistency command is supported on port channels only. Examples This example shows how to enable the QoS-port attribute checks on the EtherChannel bundling: Router(config-if)# mls qos channel-consistency Router(config-if)# This example shows how to disable the QoS-port attribute checks on the EtherChannel bundling: Router(config-if)# no mls qos channel-consistency Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-461 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos cos mls qos cos To define the default CoS value for an interface, use the mls qos cos command. To remove a prior entry, use the no form of this command. mls qos cos cos-value no mls qos cos cos-value Syntax Description cos-value Defaults The defaults are as follows: Default CoS value for the interface; valid values are from 0 to 7. • cos-value is 0. • CoS override is not configured. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines CoS values are configurable on physical LAN ports only. Examples This example shows how to configure the default QoS CoS value as 6: Router(config-if)# mls qos cos 6 Router(config-if)# Related Commands Command Description show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-462 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos cos-mutation mls qos cos-mutation To attach an ingress-CoS mutation map to the interface, use the mls qos cos-mutation command. To remove the ingress-CoS mutation map from the interface, use the no form of this command. mls qos cos-mutation cos-mutation-table-name no mls qos cos-mutation Syntax Description cos-mutation-table-name Defaults No table is defined. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples Name of the ingress-CoS mutation table. This example shows how to attach the ingress-CoS mutation map named mutemap2: Router(config-if)# mls qos cos-mutation mutemap2 Router(config-if)# Related Commands Command Description mls qos map cos-mutation Maps a packet’s CoS to a new CoS value. show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-463 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos dscp-mutation mls qos dscp-mutation To attach an egress-DSCP mutation map to the interface, use the mls qos dscp-mutation command. To remove the egress-DSCP mutation map from the interface, use the no form of this command. mls qos dscp-mutation dscp-mutation-table-name no mls qos dscp-mutation Syntax Description dscp-mutation-table-name Defaults No table is defined. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples Name of the egress-DSCP mutation table. This example shows how to attach the egress-DSCP mutation map named mutemap1: Router(config-if)# mls qos dscp-mutation mutemap1 Router(config-if)# Related Commands Command Description mls qos map dscp-mutation Defines a named DSCP mutation map. show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-464 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos exp-mutation mls qos exp-mutation To attach an egress-EXP mutation map to the interface, use the mls qos exp-mutation command. To remove the egress-EXP mutation map from the interface, use the no form of this command. mls qos exp-mutation exp-mutation-table-name no mls qos exp-mutation Syntax Description exp-mutation-table-name Defaults No table is defined. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples Name of the egress-EXP mutation table. This example shows how to attach the egress-exp mutation map named mutemap2: Router(config-if)# mls qos exp-mutation mutemap2 Router(config-if)# Related Commands Command Description mls qos map dscp-mutation Defines a named DSCP mutation map. show mls qos mpls Displays an interface summary for MPLS QoS classes in the policy maps. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-465 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos loopback mls qos loopback To remove a router port from the SVI flood for VLANs that are carried through by the loopback cable, use the mls qos loopback command. To return to the default settings, use the no form of this command. mls qos loopback no mls qos loopback Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines With mls qos loopback applied at the interface, the packets are not forwarded to the destination. Before you enter the mls qos loopback command, you must specify a MAC address for the OSM interface. The MAC address must be different from the LAN router MAC address that is used in PFC2 hardware switching. Examples This example shows how to prevent packets from being forwarded to the destination: Router (config-if)# mls qos loopback Router (config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-466 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map cos-dscp mls qos map cos-dscp To define the ingress CoS-to-DSCP map for trusted interfaces, use the mls qos map cos-dscp command. To remove a prior entry, use the no form of this command. mls qos map cos-dscp values no mls qos map cos-dscp Syntax Description values Defaults The default CoS-to-DSCP configuration is listed in Table 2-16. Eight DSCP values, separated by spaces, corresponding to the CoS values; valid values are from 0 to 63. Table 2-16 CoS-to-DSCP Default Map CoS 0 1 2 3 4 5 6 7 DSCP 0 8 16 24 32 40 48 56 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The CoS-to-DSCP map is used to map the CoS of packets arriving on trusted interfaces (or flows) to a DSCP where the trust type is trust-cos. This map is a table of eight CoS values (0 through 7) and their corresponding DSCP values. The Catalyst 6500 series switch has one map. Examples This example shows how to configure the ingress CoS-to-DSCP map for trusted interfaces: Router(config)# mls qos map cos-dscp 20 30 1 43 63 12 13 8 Router(config)# Related Commands Command Description mls qos map dscp-cos Defines an egress DSCP-to-CoS map. mls qos map ip-prec-dscp Defines an ingress-IP precedence-to-DSCP map for trusted interfaces. mls qos map policed-dscp Sets the mapping of policed DSCP values to marked-down DSCP values. show mls qos maps Displays information about the QoS map configuration and run-time version. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-467 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map cos-mutation mls qos map cos-mutation To map a packet’s CoS to a new CoS value, use the mls qos map cos-mutation command. To remove the map, use the no form of this command. mls qos map cos-mutation name mutated_cos1 mutated_cos2 mutated_cos3 mutated_cos4 mutated_cos5 mutated_cos6 mutated_cos7 mutated_cos8 no mls qos map cos-mutation name Syntax Description Defaults name Name of the CoS map. mutated_cos1 ... mutated_cos8 Eight CoS out values, separated by spaces; valid values are from 0 to 7. See the “Usage Guidelines” section for additional information. If the CoS-to-CoS mutation map is not configured, the default CoS-to-CoS mutation mapping is listed in Table 2-17. Table 2-17 CoS-to-CoS Default Map CoS-in 0 1 2 3 4 5 6 7 CoS-out 0 1 2 3 4 5 6 7 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on Catalyst 6500 series switches that are configured with the following modules only: • WS-X6704-10GE • WS-X6724-SFP • WS-X6748-GE-TX CoS mutation is not supported on non-802.1Q tunnel ports. When you enter the mls qos map cos-mutation command, you are configuring the mutated-CoS values map to sequential ingress-CoS numbers. For example, by entering the mls qos map cos-mutation 2 3 4 5 6 7 0 1 command, you configure this map: CoS-in 0 1 2 3 4 5 6 7 CoS-out 2 3 4 5 6 7 0 1 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-468 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map cos-mutation Separate the eight CoS values by a space. After you define the map in global configuration mode, you can attach the map to a port. If QoS is disabled, the port is not in a trust CoS mode, and the port is not in 802.1Q tunneling mode. The changes appear once you put the port into trust CoS mode and the port is configured as an 802.1Q tunnel port. Support for ingress-CoS mutation on 802.1Q tunnel ports and is on a per-port group basis only. To avoid ingress-CoS mutation configuration failures, only create EtherChannels where all member ports support ingress-CoS mutation or where no member ports support ingress-CoS mutation. Do not create EtherChannels with mixed support for ingress-CoS mutation. If you configure ingress-CoS mutation on a port that is a member of an EtherChannel, the ingress-CoS mutation is applied to the port-channel interface. You can configure ingress-CoS mutation on port-channel interfaces. Examples This example shows how to define a CoS-to-CoS map: Router(config)# mls qos map cos-mutation test-map 5 4 3 to 1 Router(config)# Related Commands Command Description show mls qos maps Displays information about the QoS map configuration and run-time version. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-469 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map dscp-cos mls qos map dscp-cos To define an egress DSCP-to-CoS map, use the mls qos map dscp-cos command. To remove a prior entry, use the no form of this command. mls qos map dscp-cos dscp-values to cos-values no mls qos map dscp-cos Syntax Description Defaults dscp-values DSCP values; valid values are from 0 to 63. to Defines mapping. cos-values CoS values; valid values are from 0 to 63. The default DSCP-to-CoS map is listed in Table 2-18. Table 2-18 DSCP-to-CoS Default Map DSCP 0-7 8-15 16-23 24-31 32-39 40-47 48-55 56-63 CoS 0 1 2 3 4 5 6 7 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The DSCP-to-CoS map is used to map the final DSCP classification to a final CoS. This final map determines the output queue and threshold to which the packet is assigned. The CoS map is written into the ISL header or 802.1Q tag of the transmitted packet on trunk interfaces and contains a table of 64 DSCP values and the corresponding CoS values. The Catalyst 6500 series switch has one map. You can enter up to eight DSCP values separated by a space. You can enter up to eight CoS values separated by a space. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-470 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map dscp-cos Examples This example shows how to configure the egress DSCP-to-CoS map for trusted interfaces: Router(config)# mls qos map dscp-cos 20 25 to 3 Router(config)# Related Commands Command Description mls qos map cos-dscp Defines the ingress CoS-to-DSCP map for trusted interfaces. show mls qos maps Displays information about the QoS map configuration and run-time version. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-471 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map dscp-exp mls qos map dscp-exp To define the final DSCP classification to the final EXP value, use the mls qos map dscp-exp command. To remove a prior entry, use the no form of this command. mls qos map dscp-exp dscp-values to exp-values no mls qos map dscp-exp Syntax Description Defaults dscp-values DSCP values; valid values are from 0 to 63. to Defines mapping. exp-values EXP values; valid values are from 0 to 7. The default DSCP-to-EXP map is listed in Table 2-19. Table 2-19 DSCP-to-EXP Default Map DSCP 0-7 8-15 16-23 24-31 32-39 40-47 48-55 56-63 EXP 0 1 2 3 4 5 6 7 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The DSCP-to-EXP map is used to map the final DSCP classification to a final EXP. This final map determines the output queue and threshold to which the packet is assigned. The EXP map contains a table of 64 DSCP values and the corresponding EXP values. The Catalyst 6500 series switch has one map. You can enter up to eight DSCP values separated by a space. You can enter up to eight EXP values separated by a space. Examples This example shows how to configure the final DSCP classification to a final EXP value: Router(config)# mls qos map dscp-exp 20 25 to 3 Router(config)# Related Commands Command Description show mls qos maps Displays information about the QoS map configuration and run-time version. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-472 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map dscp-mutation mls qos map dscp-mutation To define a named DSCP mutation map, use the mls qos map dscp-mutation command. To return to the default mapping, use the no form of this command. mls qos map dscp-mutation map-name input-dscp1 [input-dscp2 [input-dscp3 [input-dscp4 [input-dscp5 [input-dscp6 [input-dscp7 [input-dscp8]]]]]]] to output-dscp no mls qos map dscp-mutation map-name Syntax Description map-name Name of the DSCP mutation map. input-dscp# Internal DSCP value; valid values are from 0 to 63. See the “Usage Guidelines” section for additional information. to Defines mapping. output-dscp Egress DSCP value; valid values are from 0 to 63. Defaults output-dscp equals input-dscp. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When configuring a named DSCP mutation map, note the following: • You can enter up to eight input DSCP values that map to a mutated DSCP value. • You can enter multiple commands to map additional DSCP values to a mutated DSCP value. • You can enter a separate command for each mutated DSCP value. You can configure 15 egress-DSCP mutation maps to mutate the internal DSCP value before it is written as the egress-DSCP value. You can attach egress-DSCP mutation maps to any interface that PFC QoS supports. PFC QoS derives the egress-CoS value from the internal DSCP value. If you configure egress-DSCP mutation, PFC QoS does not derive the egress-CoS value from the mutated DSCP value. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-473 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map dscp-mutation Examples This example shows how to map DSCP 30 to mutated DSCP value 8: Router(config)# mls qos map dscp-mutation mutemap1 30 to 8 Router(config)# Related Commands Command Description show mls qos maps Displays information about the QoS map configuration and run-time version. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-474 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map exp-dscp mls qos map exp-dscp To define the ingress EXP value to the internal DSCP map, use the mls qos map exp-dscp command. To return to the default mappings, use the no form of this command. mls qos map exp-dscp dscp-values no mls qos map exp-dscp Syntax Description dscp-values Defaults The default EXP-to-DSCP map is listed in Table 2-20. Interval DSCP values; valid values are from 0 to 63. Table 2-20 EXP-to-DSCP Default Map EXP 0 1 2 3 4 5 6 7 DSCP 0 8 16 24 32 40 48 56 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The DSCP in these maps refers to the internal DSCP, not the packet DSCP. The EXP-to-DSCP map is used to map the received EXP value to the internal DSCP map. This final map determines the output queue and threshold to which the packet is assigned. The EXP map contains a table of 64 DSCP values and the corresponding EXP values. The Catalyst 6500 series switch has one map. You can enter up to eight DSCP values separated by a space. Examples This example shows how to configure the received EXP value to an internal DSCP value: Router(config)# mls qos map exp-dscp 20 25 30 31 32 32 33 34 Router(config)# Related Commands Command Description mls qos map exp-mutation Maps a packet’s EXP to a new EXP value. show mls qos mpls Displays an interface summary for MPLS QoS classes in the policy maps. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-475 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map exp-mutation mls qos map exp-mutation To map a packet’s EXP to a new EXP value, use the mls qos map exp-mutation command. To return to the default mappings, use the no form of this command. mls qos map exp-mutation map-name mutated-exp1 mutated-exp2 mutated-exp3 mutated-exp4 mutated-exp5 mutated-exp6 mutated-exp7 mutated-exp8 no mls qos map exp-mutation map-name Syntax Description Defaults map-name Name of the EXP-mutation map. mutated-exp# Eight EXP values, separated by spaces; valid values are from 0 to 7. See the “Usage Guidelines” section for additional information. If the EXP-to-EXP mutation map is not configured, the default EXP-to-EXP mutation mapping is listed in Table 2-21. Table 2-21 EXP-to-EXP Mutation Default Map EXP-in 0 1 2 3 4 5 6 7 EXP-out 0 1 2 3 4 5 6 7 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When you enter the mls qos map exp-mutation command, you are configuring the mutated-EXP values map to the sequential EXP numbers. For example, by entering the mls qos map exp-mutation 2 3 4 5 6 7 0 1 command, you configure this map: EXP-in 0 1 2 3 4 5 6 7 EXP-out 2 3 4 5 6 7 0 1 Separate the eight EXP values by a space. After you define the map in global configuration mode, you can attach the map to a port. You can configure 15 ingress-EXP mutation maps to mutate the internal EXP value before it is written as the ingress-EXP value. You can attach ingress-EXP mutation maps to any interface that PFC QoS supports. The PFC QoS derives the egress EXP value from the internal DSCP value. If you configure ingress-EXP mutation, PFC QoS does not derive the ingress-EXP value from the mutated EXP value. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-476 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map exp-mutation Examples This example shows how to map a packet’s EXP to a new EXP value: Router(config)# mls qos map exp-mutation mutemap1 1 2 3 4 5 6 7 0 Router(config)# Related Commands Command Description mls qos map exp-dscp Defines the ingress EXP value to the internal DSCP map. show mls qos mpls Displays an interface summary for MPLS QoS classes in the policy maps. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-477 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map ip-prec-dscp mls qos map ip-prec-dscp To define an ingress-IP precedence-to-DSCP map for trusted interfaces, use the mls qos map ip-prec-dscp command. To remove a prior entry, use the no form of this command. mls qos map ip-prec-dscp dscp-values no mls qos map ip-prec-dscp Syntax Description dscp-values Defaults The default IP precedence-to-DSCP configuration is listed in Table 2-22. DSCP values corresponding to IP precedence values 0 to 7; valid values are from 0 to 63. Table 2-22 IP Precedence-to-DSCP Default Map IP-Precedence 0 1 2 3 4 5 6 7 DSCP 0 8 16 24 32 40 48 56 Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use this command to map the IP precedence of IP packets arriving on trusted interfaces (or flows) to a DSCP when the trust type is trust-ipprec. You can enter up to eight DSCP values separated by a space. This map is a table of eight precedence values (0 through 7) and their corresponding DSCP values. The Catalyst 6500 series switch has one map. The IP precedence values are as follows: • network 7 • internet 6 • critical 5 • flash-override 4 • flash 3 • immediate 2 • priority 1 • routine 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-478 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map ip-prec-dscp Examples This example shows how to configure the ingress-IP precedence-to-DSCP mapping for trusted interfaces: Router(config)# mls qos map ip-prec-dscp 20 30 1 43 63 12 13 8 Router(config)# Related Commands Command Description mls qos map cos-dscp Defines the ingress CoS-to-DSCP map for trusted interfaces. mls qos map dscp-cos Defines an egress DSCP-to-CoS map. mls qos map policed-dscp Sets the mapping of policed DSCP values to marked-down DSCP values. show mls qos maps Displays information about the QoS map configuration and run-time version. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-479 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map policed-dscp mls qos map policed-dscp To configure the DSCP markdown map, use the mls qos map policed-dscp command. To remove a prior entry, use the no form of this command. mls qos map policed-dscp {normal-burst | max-burst} dscp1 [dscp2 [dscp3 [dscp4 [dscp5 [dscp6 [dscp7 [dscp8]]]]]]] to policed-dscp no mls qos map policed-dscp Syntax Description normal-burst Configures the markdown map used by the exceed-action policed-dscp-transmit keywords. max-burst Configures the markdown map used by the violate-action policed-dscp-transmit keywords. dscp1 DSCP value; valid values are from 0 to 63. dscp2 through dscp8 (Optional) DSCP values; valid values are from 0 to 63. to Defines mapping. policed-dscp Policed-to-DSCP values; valid values are from 0 to 63. Defaults No marked-down values are configured. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The DSCP-to-policed-DSCP map determines the marked-down DSCP value that is applied to out-of-profile flows. The Catalyst 6500 series switch has one map. You can enter up to eight DSCP values separated by a space. You can enter up to eight policed DSCP values separated by a space. Note To avoid out-of-sequence packets, configure the DSCP-to-policed-DSCP map so that marked-down packets remain in the same queue as the in-profile traffic. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-480 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos map policed-dscp Examples This example shows how to map multiple DSCPs to a single policed-DSCP value: Router(config)# mls qos map policed-dscp normal-burst 20 25 43 to 4 Router(config)# Related Commands Command Description mls qos map cos-dscp Defines the ingress CoS-to-DSCP map for trusted interfaces. mls qos map dscp-cos Defines an egress DSCP-to-CoS map. mls qos map ip-prec-dscp Defines an ingress-IP precedence-to-DSCP map for trusted interfaces. show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-481 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos marking ignore port-trust mls qos marking ignore port-trust To mark packets even if the interface is trusted, use the mls qos marking ignore port-trust command. To return to the default settings, use the no form of this command. mls qos marking ignore port-trust no mls qos marking ignore port-trust Syntax Description This command has no arguments or keywords. Defaults Port trust is enabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the mls qos marking ignore port-trust command to mark packets even if the interface is trusted. Examples This example shows how to mark packets even if the interface is trusted: Router(config)# mls qos marking ignore port-trust Router(config)# This example shows how to enable port trust: Router(config)# no mls qos marking ignore port-trust Router(config)# Related Commands mls qos trust Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-482 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos marking statistics mls qos marking statistics To disable allocation of the policer-traffic class identification with set actions, use the mls qos marking statistics command. To return to the default settings, use the no form of this command. mls qos marking statistics no mls qos marking statistics Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the show policy-map interface command to display policy-map statistics. Examples This example shows how to disable the allocation of the policer-traffic class identification with set actions: Router(config)# mls qos marking statistics Router(config)# This example shows how to allow the allocation of the policer-traffic class identification with set actions: Router(config)# no mls qos marking statistics Router(config)# Related Commands Command Description show policy-map interface Displays the statistics and the configurations of the input and output policies that are attached to an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-483 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos mpls trust exp mls qos mpls trust exp To set the trusted state of MPLS packets only, use the mls qos mpls trust exp command. To set the trusted state of MPLS packets to untrusted, use the no form of this command. mls qos mpls trust exp no qos mpls trust exp Syntax Description This command has no arguments or keywords. Defaults With the trusted state enabled, the defaults are as follows: • Untrusted—The packets are marked to 0 or by policy. • trust-cos. With the trusted state disabled, the defaults are as follows: • trust-exp—The port/policy trust state is ignored. • The packets are marked by policy. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You can enter the mls qos mpls trust exp command to treat MPLS packets as other Layer 2 packets for CoS and egress queueing purposes (for example, to apply port or policy trust). All trusted cases (trust CoS/IP/DSCP) are treated as trust-cos. Examples This example shows how to set the trusted state of MPLS packets to trust-cos: Router(config-if)# mls qos mpls trust exp Router(config-if)# This example shows how to set the trusted state of MPLS packets to untrusted: Router(config-if)# no mls qos mpls trust exp Router(config-if)# Related Commands Command Description show mls qos mpls Displays an interface summary for MPLS QoS classes in the policy maps. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-484 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos police redirected mls qos police redirected To turn on ACL-redirected packet policing, use the mls qos police redirected command. To turn off policing of ACL-redirected packets, use the no form of this command. mls qos police redirected no mls qos police redirected Syntax Description This command has no arguments or keywords. Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the no mls qos police redirected command whenever you require NDE accuracy (if you do not require QoS-redirected packets). Examples This example shows how to turn on the ACL-redirected packet policing: Router(config)# mls qos police redirected Router(config)# This example shows how to turn off the ACL-redirected packet policing: Router(config)# no mls qos police redirected Router(config)# Related Commands Command Description show platform earl-mode Displays platform information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-485 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos protocol mls qos protocol To define the routing-protocol packet policing, use the mls qos protocol command. To return to the default settings, use the no form of this command. mls qos protocol protocol-name {pass-through | {police rate burst} | {precedence value [police rate burst]}} no mls qos protocol Syntax Description Defaults protocol-name Protocol name; valid values are arp, bgp, eigrp, igrp, isis, ldp, nd, ospf, and rip. pass-through Specifies pass-through mode. police rate Specifies the maximum bits per second to be policed; valid values are from 32000 to 10000000000 bits per second. burst Normal burst bytes; valid values are from 1000 to 31250000 bytes. precedence value Specifies the IP-precedence value of the protocol packets to rewrite; valid values are from 0 to 7. The defaults are as follows: • burst is 1000 bits per second. • If QoS is enabled, DSCP is rewritten to zero. • If QoS is disabled, the port is in a pass-through mode (no marking or policing is applied). Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you enter the precedence value keyword and arguments without entering the police rate burst keyword and arguments, only the packets from an untrusted port are marked. You can make the protocol packets avoid the per-interface policy maps by entering the police rate, pass-through, or precedence value keywords and arguments. The mls qos protocol command allows you to define the routing-protocol packet policing as follows: • When you specify the pass-through mode, the DSCP value does not change and is not policed. • When you set the police rate, the DSCP value does not change and is policed. • When you specify the precedence value, the DSCP value changes for the packets that come from an untrusted port, the CoS value that is based on DSCP-to-CoS map changes, and the traffic is not policed. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-486 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos protocol • When you specify the precedence value and the police rate, the DSCP value changes, the CoS value that is based on DSCP-to-CoS map changes, and the DSCP value is policed. In this case, the DSCP value changes are based on the trust state of the port; the DSCP value is changed only for the packets that come from an untrusted port. • If you do not enter a precedence value, the DSCP value is based on whether or not you have enabled MLS QoS as follows: – If you enabled MLS QoS and the port is untrusted, the internal DSCP value is overwritten to zero. – If you enabled MLS QoS and the port is trusted, then the incoming DSCP value is maintained. You can make the protocol packets avoid policing completely if you choose the pass-through mode. If the police mode is chosen, the CIR specified is the rate that is used to police all the specified protocol’s packets, both entering or leaving the Catalyst 6500 series switch. To protect the system by ARP broadcast, you can enter the mls qos protocol arp police bps command. Examples This example shows how to define the routing-protocol packet policing: Router(config)# mls qos protocol arp police 43000 Router(config)# This example shows how to avoid policing completely: Router(config)# mls qos protocol arp pass-through 43000 Router(config)# This example shows how to define the IP-precedence value of the protocol packets to rewrite: Router(config)# mls qos protocol bgp precedence 4 Router(config)# This example shows how to define the IP-precedence value of the protocol packets to rewrite and police the DSCP value: Router(config)# mls qos protocol bgp precedence 4 police 32000 Router(config)# Related Commands Command Description show mls qos protocol Displays the protocol pass-through information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-487 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos queueing-only mls qos queueing-only To enable port-queueing mode, use the mls qos queueing-only command. To disable the port-queueing mode, use the no form of this command. mls qos queueing-only no mls qos queueing-only Syntax Description This command has no arguments or keywords. Defaults QoS is globally disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines In port-queueing mode, PFC QoS (marking and policing) is disabled, and packet ToS and CoS are not changed by the PFC. All queueing on rcv and xmt is based on a QoS tag in the incoming packet, which is based on the incoming CoS. For 802.1Q or ISL-encapsulated port links, queueing is based on the packet 802.1Q or ISL CoS. For router main interfaces or access ports, queueing is based on the configured per-port CoS (the default CoS is 0). Examples This example shows how to enable the port-queueing mode globally: Router(config)# mls qos queueing-only Router(config)# This example shows how to disable the port-queueing mode globally: Router(config)# no mls qos queueing-only Router(config)# Related Commands Command Description mls qos (global configuration mode) Enables the QoS functionality globally. show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-488 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos queue-mode mode-dscp mls qos queue-mode mode-dscp To set the queueing mode to DSCP on an interface, use the mls qos queue-mode mode-dscp command. To return to the default settings, use the no form of this command. mls qos queue-mode mode-dscp no mls qos queue-mode mode-dscp Syntax Description This command has no arguments or keywords. Defaults CoS mode. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on 10-Gigabit Ethernet ports only. You should configure ports to trust DSCP only if they receive traffic that carries valid Layer 3 DSCP. You can enable DSCP-based ingress queues and thresholds on WS-X6708-10GE ports to provide congestion avoidance. For traffic from trust DSCP ports, PFC QoS uses the received DSCP value as the initial internal DSCP value. PFC QoS does not mark any traffic on ingress ports configured to trust received DSCP. Examples This example shows how to set the queueing mode to DSCP on an interface: Router(config-if)# mls qos queue-mode mode-dscp Router(config-if)# Related Commands Command Description priority-queue queue-limit Allocates the available buffer space to a queue. show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-489 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos rewrite ip dscp mls qos rewrite ip dscp To enable ToS-to-DSCP rewrite, use the mls qos rewrite ip dscp command. To disable ToS-to-DSCP rewrite, use the no form of this command. mls qos rewrite ip dscp no mls qos rewrite ip dscp Syntax Description This command has no arguments or keywords. Defaults QoS is globally disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you disable ToS-to-DSCP rewrite, and QoS is enabled globally, the following occurs: • Final ToS-to-DSCP rewrite is disabled, and the ToS-to-DSCP packet is preserved. • Policing and marking function according to the QoS configuration. • Marked and marked-down CoS is used for queueing. • In QoS disabled mode, both ToS and CoS are preserved. The no mls qos rewrite ip dscp command is incompatible with MPLS. The default mls qos rewrite ip dscp command must remain enabled in order for the PFC3BXL or PFC3B to assign the correct EXP value for the labels that it imposes. Examples This example shows how to disable ToS-to-DSCP rewrite: Router(config)# mls qos rewrite ip dscp Router(config)# This example shows how to disable port-queueing mode globally: Router(config)# no mls qos rewrite ip dscp Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-490 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos rewrite ip dscp Related Commands Command Description mls qos (global configuration mode) Enables the QoS functionality globally. show mls qos Displays MLS QoS information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-491 Chapter 2 mls qos statistics-export (global configuration mode) Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export (global configuration mode) To enable QoS-statistics data export globally, use the mls qos statistics-export command. To disable QoS-statistics data export globally, use the no form of this command. mls qos statistics-export no mls qos statistics-export Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You must enable data export globally to set up data export on your Catalyst 6500 series switch. QoS-statistics data export is not supported on OSM interfaces. For QoS-statistics data export to perform correctly, you should set the export-destination hostname or IP address and the UDP port number. Examples This example shows how to enable data export globally: Router(config)# mls qos statistics-export Router(config)# This example shows how to disable data export globally: Router(config)# no mls qos statistics-export Router(config)# Related Commands Command Description show mls qos statistics-export info Displays information about the MLS-statistics data-export status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-492 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export (interface configuration mode) mls qos statistics-export (interface configuration mode) To enable per-port QoS-statistics data export, use the mls qos statistics-export command. To disable per-port QoS-statistics data export, use the no form of this command. mls qos statistics-export no mls qos statistics-export Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines QoS-statistics data export is not supported on OSM interfaces. You must enable data export on the port and globally to set up data export on your Catalyst 6500 series switch. For QoS-statistics data export to perform correctly, you should set the export-destination hostname or IP address and the UDP port number. QoS-statistics data is exported using delimiter-separated fields. You can set the delimiter by entering the mls qos statistics-export delimiter command. Port statistics are exported; port QoS statistics are not exported. For each data export-enabled port, the following information is exported: • Type (1 denotes the type of port) • Module/port • In packets (cumulated hardware-counter values) • In bytes (cumulated hardware-counter values) • Out packets (cumulated hardware-counter values) • Out bytes (cumulated hardware-counter values) • Time stamp (time in seconds since January 1, 1970 UTC relative) For example, if you have QoS-statistics data export that is enabled on FastEthernet4/5, the exported records could be (in this example, the delimiter is a | [pipe]) as follows: |1|4/5|123|80|12500|6800|982361894| Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-493 Chapter 2 mls qos statistics-export (interface configuration mode) Examples Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA This example shows how to enable QoS-statistics data export: Router(config-if)# mls qos statistics-export Router(config-if)# This example shows how to disable QoS-statistics data export: Router(config-if)# no mls qos statistics-export Router(config-if)# Related Commands Command Description mls qos statistics-export delimiter Sets the QoS-statistics data-export field delimiter. show mls qos statistics-export info Displays information about the MLS-statistics data-export status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-494 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export aggregate-policer mls qos statistics-export aggregate-policer To enable QoS-statistics data export on the named aggregate policer, use the mls qos statistics-export aggregate-policer command. To disable QoS-statistics data export on the named aggregate policer, use the no form of this command. mls qos statistics-export aggregate-policer policer-name no mls qos statistics-export aggregate-policer policer-name Syntax Description policer-name Defaults Disabled for all shared aggregate policers Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Name of the policer. QoS-statistics data export is not supported on OSM interfaces. You must enable data export on the shared aggregate policer and globally to set up data export on your Catalyst 6500 series switch. QoS-statistics data is exported using delimiter-separated fields. You can set the delimiter by entering the mls qos statistics-export delimiter command. For each data export-enabled shared aggregate or named policer, statistics data per policer per EARL is exported. For each data export-enabled shared aggregate or named policer, the following information is exported: • Type (3 denotes aggregate policer export type) • Aggregate name • Direction (in or out) • EARL identification • Accepted packets (cumulated hardware-counter values) • Exceeded normal-rate packets (cumulated hardware-counter values) • Exceeded excess-rate packets (cumulated hardware-counter values) • Time stamp (time in seconds since January 1, 1970 UTC relative) If a shared aggregate policer is attached to policies in both directions, two records are exported (one in each direction). Each record will contain the same counter values for accepted packets, exceeded normal packet rates, and exceeded excess packet rates. For example, the exported records could be as follows (in this example, the delimiter is a | [pipe]): Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-495 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export aggregate-policer |3|agg_1|in|1|45543|2345|982361894| |3|agg_1|in|3|45543|2345|982361894| This example indicates the following information: Examples • QoS-statistics data export that is enabled on the shared aggregate policer named “aggr_1” • An EARL in the supervisor engine that is installed in slot 1 • An EARL that is installed in slot 3 This example shows how to enable per-shared aggregate or named-policer data export: Router(config)# mls qos statistics-export aggregate-policer aggr1M Router(config)# Related Commands Command Description mls qos statistics-export delimiter Sets the QoS-statistics data-export field delimiter. show mls qos statistics-export info Displays information about the MLS-statistics data-export status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-496 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export class-map mls qos statistics-export class-map To enable QoS-statistics data export for a class map, use the mls qos statistics-export class-map command. To disable QoS-statistics data export for a class map, use the no form of this command. mls qos statistics-export class-map classmap-name no mls qos statistics-export class-map classmap-name Syntax Description classmap-name Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Name of the class map. QoS-statistics data export is not supported on OSM interfaces. You must enable data export on the class map and globally to set up data export on your Catalyst 6500 series switch. QoS-statistics data is exported using delimiter-separated fields. You can set the delimiter by entering the mls qos statistics-export delimiter command. For each data export-enabled class map, the statistics data per policer per interface is exported. If the interface is a physical interface, the following information is exported: • Type (4 denotes a class map physical export) • Class map name • Direction (in or out) • Module/port • Accepted packets (cumulated hardware-counter values) • Exceeded normal-rate packets (cumulated hardware-counter values) • Exceeded excess-rate packets (cumulated hardware-ounter values) • Time stamp (time in seconds since January 1, 1970 UTC relative) If the interface is a Catalyst 6500 series switch VLAN, the following information is exported: • Type (5 denotes class-map VLAN export) • Class-map name • Direction (in or out) • EARL identification (slot number in which the EARL is installed) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-497 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export class-map • VLAN number • Accepted packets (cumulated hardware-counter values) • Exceeded normal-rate packets (cumulated hardware-counter values) • Exceeded excess-rate packets (cumulated hardware-counter values) • Time stamp (time in seconds since January 1, 1970 UTC relative) If the interface is a Catalyst 6500 series switch port channel, the following information is exported: • Type (6 denotes class-map port-channel export) • Class-map name • Direction (in or out) • EARL identification (slot number in which the EARL is installed) • Port-channel number • Accepted packets (cumulated hardware-counter values) • Exceeded normal-rate packets (cumulated hardware-counter values) • Exceeded excess-rate packets (cumulated hardware-counter values) • Time stamp (time in seconds since January 1, 1970 UTC relative) For example, if you have the following configuration: • QoS-statistics data export enabled on the class map named “class_1” • An EARL in the supervisor engine that is installed in slot 1 • An EARL that is installed in slot 3 • The Catalyst 6500 series switch is in the policy map named “policy_1” • policy_1 is attached to the following interfaces in the ingress direction: – FastEthernet4/5 – VLAN 100 – Port-channel 24 The exported records could be (in this example, the delimiter is a | [pipe]) as follows: |4|class_1|in|4/5|45543|2345|2345|982361894| |5|class_1|in|1|100|44000|3554|36678|982361894| |5|class_1|in|3|100|30234|1575|1575|982361894| Examples This example shows how to enable QoS-statistics data export for a class map: Router(config)# mls qos statistics-export class-map class3 Router(config)# Related Commands Command Description mls qos statistics-export delimiter Sets the QoS-statistics data-export field delimiter. show mls qos statistics-export info Displays information about the MLS-statistics data-export status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-498 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export delimiter mls qos statistics-export delimiter To set the QoS-statistics data-export field delimiter, use the mls qos statistics-export delimiter command. To return to the default settings, use the no form of this command. mls qos statistics-export delimiter no mls qos statistics-export delimiter Syntax Description This command has no arguments or keywords. Defaults The default delimiter is the pipe character (|). Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines QoS-statistics data export is not supported on OSM interfaces. You must enable data export globally to set up data export on your Catalyst 6500 series switch. Examples This example shows how to set the QoS-statistics data-export field delimiter (a comma) and verify the configuration: Router(config)# mls qos statistics-export delimiter , Router(config)# Related Commands Command Description show mls qos statistics-export info Displays information about the MLS-statistics data-export status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-499 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export destination mls qos statistics-export destination To configure the QoS-statistics data-export destination host and UDP port number, use the mls qos statistics-export destination command. To return to the default settings, use the no form of this command. mls qos statistics-export destination {host-name | host-ip-address} {{port port-number} | syslog} [facility facility-name] [severity severity-value] Syntax Description Defaults host-name Hostname. host-ip-address Host IP address. port port-number Specifies the UDP port number. syslog Specifies the syslog port. facility facility-name (Optional) Specifies the type of facility to export; see the “Usage Guidelines” section for a list of valid values. severity severity-value (Optional) Specifies the severity level to export; see the “Usage Guidelines” section for a list of valid values. The default is none unless syslog is specified. If syslog is specified, the defaults are as follows: • port is 514. • facility is local6. • severity is debug. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines QoS-statistics data export is not supported on OSM interfaces. Valid facility values are as follows: • authorization—Security/authorization messages • cron—Clock daemon • daemon—System daemon • kernel—Kernel messages • local0—Local use 0 • local1—Local use 1 • local2—Local use 2 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-500 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export destination • local3—Local use 3 • local4—Local use 4 • local5—Local use 5 • local6—Local use 6 • local7—Local use 7 • lpr—Line printer subsystem • mail—Mail system • news—Network news subsystem • syslog—Messages that are generated internally by syslogd • user—User-level messages • uucp—UUCP subsystem Valid severity levels are as follows: Examples • alert—Action must be taken immediately • critical—Critical conditions • debug—Debug-level messages • emergency—System is unusable • error—Error conditions • informational—Informational • notice—Normal but significant conditions • warning—Warning conditions This example shows how to specify the destination host address and syslog as the UDP port number: Router(config)# mls qos statistics-export destination 172.20.52.3 syslog Router(config)# Related Commands Command Description show mls qos statistics-export info Displays information about the MLS-statistics data-export status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-501 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos statistics-export interval mls qos statistics-export interval To specify how often a port and/or aggregate-policer QoS-statistics data is read and exported, use the mls qos statistics-export interval command. To return to the default settings, use the no form of this command. mls qos statistics-export interval interval no mls qos statistics-export interval Syntax Description interval Defaults 300 seconds Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Export time; valid values are from 30 to 65535 seconds. QoS-statistics data export is not supported on OSM interfaces. The interval needs to be short enough to avoid counter wraparound with the activity in your configuration. Caution Examples Be careful when decreasing the interval because exporting QoS statistics increases the traffic on the Catalyst 6500 series switch. This example shows how to set the QoS-statistics data-export interval: Router(config)# mls qos statistics-export interval 250 Router(config)# Related Commands Command Description show mls qos statistics-export info Displays information about the MLS-statistics data-export status and configuration. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-502 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos trust mls qos trust To set the trusted state of an interface, use the mls qos trust command. To set an interface to the untrusted state, use the no form of this command. mls qos trust [cos | dscp | ip-precedence] no mls qos trust Syntax Description Defaults cos (Optional) Specifies that the CoS bits in incoming frames are trusted and derives the internal DSCP value from the CoS bits. dscp (Optional) Specifies that the ToS bits in the incoming packets contain a DSCP value. ip-precedence (Optional) Specifies that the ToS bits in the incoming packets contain an IP precedence value and derives the internal DSCP value from the IP-precedence bits. The defaults for LAN interfaces and WAN interfaces on the OSMs are as follows: • If you enable global QoS, the port is untrusted. • If you disable global QoS, the default is dscp. • If you do not enter an argument, trust dscp is assumed. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You can enter the mls qos trust command to set the trusted state of an interface. For example, you can set whether the packets arriving at an interface are trusted to carry the correct CoS, ToS, and DSCP classifications. The cos keyword is not supported for pos or atm interface types. You cannot configure the trust state on FlexWAN modules. You cannot configure the trust state on 1q4t LAN ports except for Gigabit Ethernet ports. Ingress-queue drop thresholds are not implemented when you enter the mls qos trust cos command on 4-port Gigabit Ethernet WAN modules. Use the set qos-group command to set the trust state on Layer 2 WAN interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-503 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos trust Examples This example shows how to set the trusted state of an interface to IP precedence: Router(config-if)# mls qos trust ip-precedence Router(config-if)# Related Commands Command Description mls qos bridged Enables the microflow policing for bridged traffic on Layer 3 LAN interfaces. mls qos cos Defines the default CoS value for an interface. mls qos vlan-based Defines the default CoS value for a VLAN. show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-504 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos trust extend mls qos trust extend To configure the trust mode of the phone, use the mls qos trust extend command. To return to the default settings, use the no form of this command. mls qos trust extend [cos value] no mls qos trust extend Syntax Description cos value Defaults The default settings are as follows: (Optional) Specifies the CoS value that is used to remark the packets from the PC; valid values are from 0 to 7. • Mode is untrusted. • cos value is 0. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is not supported on WAN modules. If you set the phone to trusted mode, all the packets from the PC are sent untouched directly through the phone to the Catalyst 6500 series switch. If you set the phone to untrusted mode, all the traffic coming from the PC are remarked with the configured CoS value before being sent to the Catalyst 6500 series switch. Each time that you enter the mls qos trust extend command, the mode is changed. For example, if the mode was previously set to trusted, if you enter the command, the mode changes to untrusted. Enter the show queueing interface command to display the current trust mode. Examples This example shows how to set the phone that is attached to the switch port in trust mode: Router(config-if)# interface fastethernet5/1 Router(config-if)# mls qos trust extend Router(config-if)# This example shows how to change the mode to untrusted and set the remark CoS value to 3: Router(config-if)# interface fastethernet5/1 Router(config-if)# mls qos trust extend cos 3 Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-505 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos trust extend This example shows how to set the configuration to the default mode: Router(config-if)# interface fastethernet5/1 Router(config-if)# no mls qos trust extend Router(config-if)# Related Commands Command Description show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-506 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls qos vlan-based mls qos vlan-based To enable per-VLAN QoS for a Layer 2 interface, use the mls qos vlan-based command. To disable per-VLAN QoS for a Layer 2 interface, use the no form of this command. mls qos vlan-based no mls qos vlan-based Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on switch-port and port-channel interfaces only. In VLAN-based mode, the policy map that is attached to the Layer 2 interface is ignored, and QoS is driven by the policy map that is attached to the corresponding VLAN interface. You can configure per-VLAN QoS only on Layer 2 interfaces. Note Examples Layer 3 interfaces are always in interface-based mode. Layer 3 VLAN interfaces are always in VLAN-based mode. This example shows how to enable per-VLAN QoS for a Layer 2 interface: Router(config-if)# mls qos vlan-based Router(config-if)# Related Commands Command Description mls qos bridged Enables the microflow policing for bridged traffic on Layer 3 LAN interfaces. mls qos cos Defines the default CoS value for an interface. show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-507 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit all mls rate-limit all To enable and set the rate limiters common to unicast and multicast packets, use the mls rate-limit all command. To disable the rate limiters, use the no form of this command. mls rate-limit all {mtu-failure | ttl-failure} pps [packets-in-burst] no mls rate-limit all {mtu-failure | ttl-failure} Syntax Description all Specifies rate limiting for unicast and multicast packets. mtu-failure Enables and sets the rate limiters for MTU-failed packets. ttl-failure Enables and sets the rate limiters for TTL-failed packets. pps Packets per second; valid values are from 10 to 1000000 packets per second. packets-in-burst (Optional) Packets in burst; valid values are from 1 to 255. Defaults The Layer 2 rate limiters are off by default. If you enable and set the rate limiters, the default packets-in-burst is 10. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Rate limiters can rate limit packets that are punted from the data path in the hardware up to the data path in the software. Rate limiters protect the control path in the software from congestion by dropping the traffic that exceeds the configured rate. Examples This example shows how to set the TTL-failure limiter for unicast and multicast packets: Router(config)# mls rate-limit all ttl-failure 15 Router(config)# Related Commands Command Description show mls rate-limit Displays information about the MLS rate limiter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-508 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit layer2 mls rate-limit layer2 To enable and rate limit the control packets in Layer 2, use the mls rate-limit layer2 command. To disable the rate limiter in the hardware, use the no form of this command. mls rate-limit layer2 {pdu | l2pt | port-security} pps [packets-in-burst] no mls rate-limit layer2 [pdu | l2pt | port-security] Syntax Description Defaults pdu pps Specifies the rate limit for BPDU, CDP, PDU, and VTP PDU Layer 2 control packets; valid values are from 10 to 1000000 packets per second. l2pt pps Specifies the rate limit for control packets in Layer 2 with a protocol-tunneling multicast-MAC address in Layer 2; valid values are from 10 to 1000000 packets per second. port-security pps Specifies the rate limit for port security traffic; valid values are from 10 to 1000000 packets per second. packets-in-burst (Optional) Packets in burst; valid values are from 1 to 255. The default settings are as follows: • Layer 2 rate limiters are off by default. • If you enable and set the rate limiters, the default setting for packets-in-burst is 10 and pps has no default setting. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You cannot configure the Layer 2 rate limiters if the global switching mode is set to truncated mode. For the port-security pps keywords and argument, use the following guidelines: • The PFC2 does not support the port-security rate limiter. • The truncated switching mode does not support the port-security rate limiter. • The lower the value, the more the CPU is protected. Rate limiters control packets as follows: • The frames are classified as Layer 2 control frames by the destination MAC address. The destination MAC address used are as follows: – 0180.C200.0000 for IEEE BPDU – 0100.0CCC.CCCC for CDP – 0100.0CCC.CCCD for PVST/SSTP BPDU Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-509 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit layer2 • The software allocates an LTL index for the frames. • The LTL index is submitted to the forwarding engine for aggregate rate limiting of all the associated frames. The Layer2 controlpackets are as follow s: • GVRP • BPDUs • CDP/DTP/PAgP/UDLD/LACP/VTP PDUs • PVST/SSTP PDUs If the rate of the traffic exceeds the configured rate, the excessive packets are dropped at the hardware. The pdu and l2pt rate limiters use specific hardware rate-limiter numbers only, such as 9 through 12. Enter the show mls rate-limit usage command to display the available rate-limiter numbers. The available numbers are displayed as “Free” in the output field. If all four rate limiters are in use by other features, a system message is displayed telling you to turn off a feature to rate limit the control packets in Layer 2. When a MAC move occurs and a packet is seen on two ports, the packet is redirected to the software. If one of those ports has the violation mode set to restrict or protect, the packet is dropped in software. You can use the port-security rate limiter to throttle the amount of such packets redirected to software . This helps in protecting the software from high traffic rates. Examples This example shows how to enable and set the rate limiters for the protocol-tunneling packets in Layer 2: Router(config)# mls rate-limit layer2 l2pt 3000 Router(config)# This example shows how to configure the port-security rate limiter: Router(config)# mls rate-limit layer2 port-security 500 Router(config)# end Related Commands Command Description show mls rate-limit Displays information about the MLS rate limiter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-510 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit multicast ipv4 mls rate-limit multicast ipv4 To enable and set the rate limiters for the IPv4 multicast packets, use the mls rate-limit multicast ipv4 command. To disable the rate limiters, use the no form of this command. mls rate-limit multicast ipv4 {connected | fib-miss | igmp | ip-option | partial | non-rpf} pps [packets-in-burst] no mls rate-limit multicast ipv4 {connected | fib-miss | igmp | ip-option | partial | non-rpf} Syntax Description Defaults connected Enables and sets the rate limiters for multicast packets from directly connected sources. fib-miss Enables and sets the rate limiters for the FIB-missed multicast packets. igmp Enables and sets the rate limiters for the IGMP packets. ip-option Enables and sets the rate limiters for the multicast packets with IP options. partial Enables and sets the rate limiters for the multicast packets during a partial SC state. non-rpf Enables and sets the rate limiters for the multicast packets failing the RPF check. pps Packets per second; valid values are from 10 to 1000000 packets per second. packets-in-burst (Optional) Packets in burst; valid values are from 1 to 255. The defaults are as follows: • If the packets-in-burst is not set, a default of 100 is programmed for multicast cases. • fib-miss—Enabled at 100000 pps and packet-in-burst is set to 100. • ip-option—Disabled. • partial—Enabled at 100000 pps and packet-in-burst is set to 100. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You cannot configure the IPv4 rate limiters if the global switching mode is set to truncated mode. The rate limiters can rate limit the packets that are punted from the data path in the hardware up to the data path in the software. The rate limiters protect the control path in the software from congestion and drop the traffic that exceeds the configured rate. The ip-option keyword is supported in PFC3BXL or PFC3B mode only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-511 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit multicast ipv4 Examples This example shows how to set the rate limiters for the multicast packets failing the RPF check: Router(config)# mls rate-limit multicast ipv4 non-rpf 100 Router(config)# This example shows how to set the rate limiters for the multicast packets during a partial SC state: Router(config)# mls rate-limit multicast ipv4 partial 250 Router(config)# This example shows how to set the rate limiters for the FIB-missed multicast packets: Router(config)# mls rate-limit multicast ipv4 fib-miss 15 Router(config)# Related Commands Command Description show mls rate-limit Displays information about the MLS rate limiter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-512 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit multicast ipv6 mls rate-limit multicast ipv6 To configure the IPv6 multicast rate limiters, use the mls rate-limit multicast ipv6 command. To disable the rate limiters, use the no form of this command. mls rate-limit multicast ipv6 {connected pps [packets-in-burst]} | {rate-limiter-name {share {auto | target-rate-limiter}}} no mls rate-limit multicast ipv6 {connected | rate-limiter-type} Syntax Description connected pps Enables and sets the rate limiters for the IPv6 multicast packets from a directly connected source; valid values are from 10 to 1000000 packets per second. packets-in-burst (Optional) Packets in burst; valid values are from 1 to 255. rate-limiter-name Rate-limiter name; valid values are default-drop, route-cntl, secondary-drop, sg, starg-bridge, and starg-m-bridge. See the “Usage Guidelines” section for additional information. share Specifies the sharing policy for IPv6 rate limiters; see the “Usage Guidelines” section for additional information. auto Decides the sharing policy automatically. target-rate-limiter Rate-limiter name that was the first rate-limiter name programmed in the hardware for the group; valid values are default-drop, route-cntl, secondary-drop, sg, starg-bridge, and starg-m-bridge. See the “Usage Guidelines” section for additional information. Defaults If the burst is not set, a default of 100 is programmed for multicast cases. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The rate-limiter-name argument must be a rate limiter that is not currently programmed. The target-rate-limiter argument must be a rate limiter that is programmed in the hardware and must be the first rate limiter programmed for its group. Table 2-23 lists the IPv6 rate limiters and the class of traffic that each rate limiter serves. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-513 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit multicast ipv6 Table 2-23 IPv6 Rate Limiters Rate-Limiter ID Traffic Classes to be Rate Limited Connected Directly connected source traffic Default-drop * (*, G/m)SSM * (*, G/m)SSM non-rpf Route-control * (*, FF02::X/128) Secondary-drop * (*, G/128) SPT threshold is infinity SG * (S, G) RP-RPF post-switchover * (*, FFx2/16) Starg-bridge * (*, G/128) SM * SM non-rpf traffic when (*, G) exists Starg-M-bridge * (*, G/m) SM * (*, FF/8) * SM non-rpf traffic when (*, G) does not exist You can configure rate limiters for IPv6 multicast traffic using one of the following methods: • Direct association of the rate limiters for a traffic class—Select a rate and associate the rate with a rate limiter. This example shows how to pick a rate of 1000 pps and 20 packets per burst and associate the rate with the default-drop rate limiter: Router(config)# mls rate-limit multicast ipv6 default-drop 1000 20 • Static sharing of a rate limiter with another preconfigured rate limiter—When there are not enough adjacency-based rate limiters available, you can share a rate limiter with an already configured rate limiter (target rate limiter). This example shows how to share the route-cntl rate limiter with the default-drop target rate limiter: Router(config)# mls rate-limit multicast ipv6 route-cntl share default-drop If the target rate limiter is not configured, a message displays that the target rate limiter must be configured for it to be shared with other rate limiters. • Dynamic sharing of rate limiters—If you are not sure about which rate limiter to share with, use the share auto keywords to enable dynamic sharing. When you enable dynamic sharing, the system picks a preconfigured rate limiter and shares the given rate limiter with the preconfigured rate limiter. This example shows how to choose dynamic sharing for the route-cntrl rate limiter: Router(config)# mls rate-limit multicast ipv6 route-cntl share auto Examples This example shows how to set the rate limiters for the IPv6 multicast packets from a directly connected source: Router(config)# mls rate-limit multicast ipv6 connected 1500 20 Router(config)# This example shows shows how to configure a direct association of the rate limiters for a traffic class: Router(config)# mls rate-limit multicast ipv6 default-drop 1000 20 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-514 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit multicast ipv6 This example shows how to configure the static sharing of a rate limiter with another preconfigured rate limiter: Router(config)# mls rate-limit multicast ipv6 route-cntl share default-drop Router(config)# This example shows how to enable dynamic sharing for the route-cntrl rate limiter: Router(config)# mls rate-limit multicast ipv6 route-cntl share auto Router(config)# Related Commands Command Description show mls rate-limit Displays information about the MLS rate limiter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-515 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast acl mls rate-limit unicast acl To enable and set the ACL-bridged rate limiters, use the mls rate-limit unicast acl command. To disable the rate limiters, use the no form of this command. mls rate-limit unicast acl {input | output | vacl-log} {pps [packets-in-burst]} no mls rate-limit unicast acl {input | output | vacl-log} Syntax Description Defaults input Specifies the rate limiters for the input ACL-bridged unicast packets. output Specifies the rate limiters for the output ACL-bridged unicast packets. vacl-log Specifies the rate limiters for the VACL log cases. pps Packets per second; see the “Usage Guidelines” section for valid values. packets-in-burst (Optional) Packets in burst; valid values are from 1 to 255. The defaults are as follows: • input—Disabled. • output—Disabled. • vacl-log—Enabled at 2000 pps and packets-in-burst is set to 1. • If the packets-in-burst is not set, 10 is programmed for unicast cases. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The rate limiters can rate limit the packets that are punted from the data path in the hardware up to the data path in the software. The rate limiters protect the control path in the software from congestion and drop the traffic that exceeds the configured rate. When setting the pps, valid values are as follows: • ACL input and output cases—10 to 1000000 pps • VACL log cases—10 to 5000 pps You cannot change the vacl-log packets-in-burst keyword and argument; it is set to 1 by default. Some cases (or scenarios) share the same hardware register. These cases are divided into the following two groups: • Group1: – Egress ACL-bridged packets – Ingress ACL-bridged packets Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-516 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast acl • Group 2: – RPF failure – ICMP unreachable for ACL drop – ICMP unreachable for no-route – IP errors All the components of each group use or share the same hardware register. For example, ACL-bridged ingress and egress packets use register A. ICMP-unreachable, no-route, and RPF failures use register B. In most cases, when you change a component of a group, all the components in the group are overwritten to use the same hardware register as the first component changed. A warning message is printed out each time that an overwriting operation occurs, but only if you enable the service internal mode. The overwriting operation does not occur in these situations: Examples • The pps value is set to 0 (zero) for a particular case. • When the ingress or egress ACL-bridged packet cases are disabled, overwriting does not occur until the cases are enabled again. If either case is disabled, the other is not affected if the remaining case is enabled. For example, if you program the ingress ACL-bridged packets with a 100-pps rate, and then you configure the egress ACL-bridged packets with a 200-pps rate, the ingress ACL-bridged packet value is overwritten to 200 pps and both the ingress and the egress ACL-bridged packets have a 200-pps rate. This example shows how to set the input ACL-bridged packet limiter for unicast packets: Router(config)# mls rate-limit unicast acl ingress 100 Router(config)# This example shows how to disable the input ACL-bridged packet limiter for unicast packets: Router(config)# no mls rate-limit unicast acl ingress Router(config)# Related Commands Command Description show mls rate-limit Displays information about the MLS rate limiter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-517 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast cef mls rate-limit unicast cef To enable and set the CEF rate limiters, use the mls rate-limit unicast cef command. To disable the rate limiters, use the no form of this command. mls rate-limit unicast cef {receive | glean} pps [packets-in-burst] no mls rate-limit unicast cef {receive | glean} Syntax Description Defaults receive Enables and sets the rate limiters for receive packets. glean Enables and sets the rate limiters for ARP-resolution packets. pps Packets per second; valid values are from 10 to 1000000 packets per second. packets-in-burst (Optional) Packets in burst; valid values are from 1 to 255. The defaults are as follows: • receive—Disabled. • glean—Disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you enable the CEF rate limiters, the following situations occur (if the situation that is listed is unacceptable, disable the CEF rate limiters): • If a packet hits a glean/receive adjacency, the packet may be dropped instead of being sent to the software if there is an output ACL on the input VLAN and the matched entry result is deny. • If the matched ACL entry result is bridge, the packet is subject to egress ACL bridge rate limiting (if turned ON) instead of glean/receive rate limiting. • The glean/receive adjacency rate limiting is applied only if the output ACL lookup result is permit or there is no output ACLs on the input VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-518 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast cef Examples This example shows how to set the CEF-glean limiter for the unicast packets: Router(config)# mls rate-limit unicast cef glean 5000 Router(config)# This example shows disable the CEF-glean limiter for the unicast packets: Router(config)# no mls rate-limit unicast cef glean Router(config)# Related Commands Command Description show mls rate-limit Displays information about the MLS rate limiter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-519 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast ip mls rate-limit unicast ip To enable and set the rate limiters for the unicast packets, use the mls rate-limit unicast ip command. To disable the rate limiters, use the no form of this command. mls rate-limit unicast ip {errors | features | options | rpf-failure} pps [packets-in-burst] mls rate-limit unicast ip icmp {redirect | unreachable {acl-drop pps} | no-route pps} [packets-in-burst] no mls rate-limit unicast ip {errors | features | {icmp {redirect | unreachable {acl-drop | no-route}}} | options | rpf-failure} pps [packets-in-burst] Syntax Description Defaults errors Specifies rate limiting for unicast packets with IP checksum and length errors. features Specifies rate limiting for unicast packets with software-security features in Layer 3 (for example, authorization proxy, IPsec, and inspection). options Specifies rate limiting for unicast IPv4 packets with options. rpf-failure Specifies rate limiting for unicast packets with RPF failures. pps Packets per second; see the “Usage Guidelines” section for valid values. packets-in-burst (Optional) Packets in burst; valid values are from 1 to 255. icmp redirect Specifies rate limiting for unicast packets requiring ICMP redirect. icmp unreachable acl-drop pps Enables and sets the rate limiters for the ICMP unreachables for the ACL-dropped packets. icmp unreachable no-route pps Enables and sets the rate limiters for the ICMP unreachables for the FIB-miss packets. The defaults are as follows: • If the packets-in-burst is not set, a default of 10 is programmed as the burst for unicast cases. • errors—Enabled at 100 pps and packets-in-burst set to 10. • rpf-failure—Enabled at 100 pps and packets-in-burst set to 10. • icmp unreachable acl-drop—Enabled at 100 pps and packets-in-burst set to 10. • icmp unreachable no-route—Enabled at 100 pps and packets-in-burst set to 10. • icmp redirect—Disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-520 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast ip Usage Guidelines To provide OAL support for denied packets, enter the mls rate-limit unicast ip icmp unreachable acl-drop 0 command. OAL and VACL capture are incompatible. Do not configure both features on the switch. With OAL configured, use SPAN to capture traffic. The rate limiters can rate limit the packets that are punted from the data path in the hardware up to the data path in the software. The rate limiters protect the control path in the software from congestion and drop the traffic that exceeds the configured rate. Note When you configure an ICMP rate limiter, and an ICMP redirect occurs, exiting data traffic is dropped while the remaining traffic on the same interface is forwarded. When setting the pps, the valid values are 0 and from 10 to 1000000. Setting the pps to 0 globally disables the redirection of the packets to the route processor. The 0 value is supported for these rate limiters: • ICMP unreachable ACL-drop • ICMP unreachable no-route • ICMP redirect • IP rpf failure Some cases (or scenarios) share the same hardware register. These cases are divided into the following two groups: • Group1: – Egress ACL-bridged packets – Ingress ACL-bridged packets • Group 2: – RPF failure – ICMP unreachable for ACL drop – ICMP unreachable for no-route – IP errors All the components of each group use or share the same hardware register. For example, ACL-bridged ingress and egress packets use register A. ICMP-unreachable, no-route, and RPF failures use register B. In most cases, when you change a component of a group, all the components in the group are overwritten to use the same hardware register as the first component changed. A warning message is printed out each time that an overwriting operation occurs, but only if you enable the service internal mode. The overwriting operation does not occur in these situations: • The pps value is set to 0 (zero) for a particular case. • When the ingress or egress ACL-bridged packet cases are disabled, overwriting does not occur until the cases are enabled again. If either case is disabled, the other is not affected as long as the remaining case is enabled. For example, if you program the ingress ACL-bridged packets with a 100-pps rate, and then you configure the egress ACL-bridged packets with a 200-pps rate, the ingress ACL-bridged packet value is overwritten to 200 pps and both the ingress and the egress ACL-bridged packets have a 200-pps rate. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-521 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast ip Examples This example shows how to set the ICMP-redirect limiter for unicast packets: Router(config)# mls rate-limit unicast ip icmp redirect 250 Router(config)# Related Commands Command Description show mls rate-limit Displays information about the MLS rate limiter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-522 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast l3-features mls rate-limit unicast l3-features To enable and set the Layer 3 security rate limiters for the unicast packets, use the mls rate-limit unicast l3-features command. To disable the rate limiters, use the no form of this command. mls rate-limit unicast l3-features pps [packets-in-burst] no mls rate-limit unicast l3-features pps [packets-in-burst] Syntax Description Defaults pps Packets per second; see the “Usage Guidelines” section for valid values. packets-in-burst (Optional) Packets in burst; valid values are from 1 to 255. The defaults are as follows: • Enabled at 2000 pps and packets-in-burst is set to 1. • If the packets-in-burst is not set, 10 is programmed for unicast cases. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to set the Layer 3 security rate limiters for the unicast packets: Router(config)# mls rate-limit unicast l3-features 5000 Router(config)# Related Commands Command Description show mls rate-limit Displays information about the MLS rate limiter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-523 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast vacl-log mls rate-limit unicast vacl-log To enable and set the VACL-log case rate limiters, use the mls rate-limit unicast vacl-log command. To disable the rate limiters, use the no form of this command. mls rate-limit unicast vacl-log {pps [packets-in-burst]} no mls rate-limit unicast vacl-log Syntax Description Defaults pps Packets per second; see the “Usage Guidelines” section for valid values. packets-in-burst (Optional) Packets in burst; valid values are from 1 to 255. The defaults are as follows: • Enabled at 2000 pps and packets-in-burst is set to 1. • If the packets-in-burst is not set, 10 is programmed for unicast cases. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The rate limiters can rate limit the packets that are punted from the data path in the hardware up to the data path in the software. The rate limiters protect the control path in the software from congestion and drop the traffic that exceeds the configured rate. When setting the pps, valid values are as follows: • ACL input and output cases—10 to 1000000 pps • VACL log cases—10 to 5000 pps Setting the pps to 0 globally disables the redirection of the packets to the route processor. You cannot change the vacl-log packets-in-burst keyword and argument; it is set to 1 by default. Some cases (or scenarios) share the same hardware register. These cases are divided into the following two groups: • Group1: – Egress ACL-bridged packets – Ingress ACL-bridged packets • Group 2: – RPF failure – ICMP unreachable for ACL drop – ICMP unreachable for no-route Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-524 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rate-limit unicast vacl-log – IP errors All the components of each group use or share the same hardware register. For example, ACL-bridged ingress and egress packets use register A. ICMP-unreachable, no-route, and RPF failures use register B. In most cases, when you change a component of a group, all the components in the group are overwritten to use the same hardware register as the first component changed. A warning message is printed out each time that an overwriting operation occurs, but only if you enable the service internal mode. The overwriting operation does not occur in these situations: Examples • The pps value is set to 0 (zero) for a particular case. • When the ingress or egress ACL-bridged packet cases are disabled, overwriting does not occur until the cases are enabled again. If either case is disabled, the other is not affected if the remaining case is enabled. For example, if you program the ingress ACL-bridged packets with a 100-pps rate, and then you configure the egress ACL-bridged packets with a 200-pps rate, the ingress ACL-bridged packet value is overwritten to 200 pps and both the ingress and the egress ACL-bridged packets have a 200-pps rate. This example shows how to set the VACL-log case packet limiter for unicast packets: Router(config)# mls rate-limit unicast vacl-log 100 Router(config)# This example shows how to disable the rate limiters: Router(config)# no mls rate-limit unicast vacl-log 100 Router(config)# Related Commands Command Description show mls rate-limit Displays information about the MLS rate limiter. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-525 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rp ip (global configuration mode) mls rp ip (global configuration mode) To enable external systems to establish IP shortcuts to the PISA, use the mls rp ip command. To remove a prior entry, use the no form of this command. mls rp ip [input-acl | route-map] no mls rp ip Syntax Description input-acl (Optional) Enables the IP-input access list. route-map (Optional) Enables the IP-route map. Defaults No shortcuts are configured. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to allow the external systems to establish IP shortcuts with IP-input access lists: Router(config)# mls rp ip input-acl Router(config)# Related Commands Command Description mls ip Enables MLS IP for the internal router on the interface. show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-526 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rp ip (interface configuration mode) mls rp ip (interface configuration mode) To enable the external systems to enable MLS IP on a specified interface, use the mls rp ip command. To disable MLS IP, use the no form of this command. mls rp ip no mls rp ip Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to enable the external systems to enable MLS IP on an interface: Router(config-if)# mls rp ip Router(config-if) Related Commands Command Description mls rp ip (global configuration mode) Enables external systems to establish IP shortcuts to the PISA. show mls ip multicast Displays the MLS IP information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-527 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rp ipx (global configuration mode) mls rp ipx (global configuration mode) To allow the external systems to enable MLS IPX to the PISA, use the mls rp ipx command. To remove a prior entry, use the no form of this command. mls rp ipx [input-acl] no mls rp ipx Syntax Description input-acl Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples (Optional) Enables MLS IPX and overrides ACLs. This example shows how to allow the external systems to enable MLS IPX to the PISA and override ACLs: Router(config)# mls rp ipx input-acl Router(config)# Related Commands Command Description mls rp ipx (interface configuration mode) Allows the external systems to enable MLS IPX on the interface. show mls rp ipx Displays details for all IPX MLS interfaces on the IPX MLS router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-528 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rp ipx (interface configuration mode) mls rp ipx (interface configuration mode) To allow the external systems to enable MLS IPX on the interface, use the mls rp ipx command. To disable MLS IPX on the interface, use the no form of this command. mls rp ipx no mls rp ipx Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to allow the external systems to enable MLS IPX on an interface: Router(config-if)# mls rp ipx Router(config-if)# Related Commands Command Description mls rp ipx (global configuration mode) Allows the external systems to enable MLS IPX to the PISA. show mls rp ipx Displays details for all IPX MLS interfaces on the IPX MLS router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-529 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rp management-interface mls rp management-interface To enable the interface as a management interface, use the mls rp management-interface command. To remove a prior entry, use the no form of this command. mls rp management-interface no mls rp management-interface Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to enable an interface as a management interface: Router(config-if)# mls rp management-interface Router(config-if)# Related Commands Command Description show mls rp Displays MLS details. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-530 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rp nde-address mls rp nde-address To specify the NDE address, use the mls rp nde-address command. To remove a prior entry, use the no form of this command. mls rp nde-address ip-address no mls rp nde-address ip-address Syntax Description ip-address Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Examples NDE IP address. Use the following syntax to specify an IP subnet address: • ip-subnet-addr—Short subnet address format. The trailing decimal number 00 in an IP address YY.YY.YY.00 specifies the boundary for an IP-subnet address. For example, 172.22.36.00 indicates a 24-bit subnet address (subnet mask 172.22.36.00/255.255.255.0), and 173.24.00.00 indicates a 16-bit subnet address (subnet mask 173.24.00.00/255.255.0.0). However, this format can identify only a subnet address of 8, 16, or 24 bits. • ip-addr/subnet-mask—Long subnet address format. For example, 172.22.252.00/255.255.252.00 indicates a 22-bit subnet address. This format can specify a subnet address of any bit number. To provide more flexibility, the ip-addr is a full host address, such as 172.22.253.1/255.255.252.00. • ip-addr/maskbits—Simplified long subnet address format. The mask bits specify the number of bits of the network masks. For example, 172.22.252.00/22 indicates a 22-bit subnet address. The ip-addr is a full host address, such as 193.22.253.1/22, which has the same subnet address as the ip-subnet-addr. This example shows how to set the NDE address to 170.25.2.1: Router(config)# mls rp nde-address 170.25.2.1 Router(config)# Related Commands Command Description show mls rp Displays MLS details. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-531 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rp vlan-id mls rp vlan-id To assign a VLAN ID to the interface, use the mls rp vlan-id command. To remove a prior entry, use the no form of this command. mls rp vlan-id {vlan-id} no mls rp vlan-id Syntax Description vlan-id Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples VLAN ID number; valid values are from 1 to 4094. This example shows how to assign a VLAN ID to the interface: Router(config-if)# mls rp vlan-id 4 Router(config-if)# Related Commands Command Description show mls rp Displays MLS details. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-532 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls rp vtp-domain mls rp vtp-domain To link the interface to a VTP domain, use the mls rp vtp-domain command. To remove a prior entry, use the no form of this command. mls rp vtp-domain name no mls rp vtp-domain name Syntax Description name Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples VLAN domain name. This example shows how to link the interface to a VTP domain: Router(config-if)# mls rp vtp-domain EverQuest Router(config-if)# Related Commands Command Description show mls rp Displays MLS details. vtp Configures the global VTP state. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-533 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls sampling mls sampling To enable the sampled NetFlow and specify the sampling method, use the mls sampling command. To disable the sampled NetFlow, use the no form of this command. mls sampling {{time-based rate} | {packet-based rate [interval]}} no mls sampling Syntax Description time-based rate Specifies the time-based sampling rate; valid values are 64, 128, 256, 512, 1024, 2046, 4096, and 8192. See the “Usage Guidelines” section for additional information. packet-based rate Specifies the packet-based sampling rate; valid values are 64, 128, 256, 512, 1024, 2046, 4096, and 8192. interval (Optional) Sampling interval; valid values are from 8000 to 16000 milliseconds. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines To enable sampling on the PFC3, you must enter the mls sampling command and the mls netflow sampling command on the appropriate interfaces. If you do not enter the mls netflow sampling command, NDE will not export flows. The sampled NetFlow is supported on Layer 3 interfaces only. You can enable the sampled NetFlow even if NDE is disabled, but no flows are exported. With packet-based sampling, a flow with a packet count of n is sampled n/m times, where m is the sampling rate. The time-based sampling is based on a preset interval for each sampling rate. Table 2-24 lists the sample intervals for each rate and period. Table 2-24 Time-Based Sampling Intervals Sampling Rate Sampling Time (milliseconds) Export Interval (Milliseconds) 1 in 64 128 8192 1 in 128 64 8192 1 in 256 32 8192 1 in 512 16 8192 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-534 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls sampling Table 2-24 Time-Based Sampling Intervals (continued) Examples Sampling Rate Sampling Time (milliseconds) Export Interval (Milliseconds) 1 in 1024 8 8192 1 in 2048 4 8192 1 in 4096 4 16384 1 in 8192 4 32768 This example shows how to enable the time-based NetFlow sampling and set the sampling rate: Router(config)# mls sampling time-based 1024 Router(config)# This example shows how to enable the packet-based NetFlow sampling and set the sampling rate and interval: Router(config)# mls sampling packet-based 1024 8192 Router(config)# Related Commands Command Description mls netflow sampling Enables the sampled NetFlow on an interface. show mls sampling Displays information about the sampled NDE status. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-535 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls switching mls switching To enable the hardware switching, use the mls switching command. To disable hardware switching, use the no form of this command. mls switching no mls switching Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to enable the hardware switching: Router(config)# mls switching Router(config)# This example shows how to disable the hardware switching: Router(config)# no mls switching Router(config)# Related Commands Command Description mls switching unicast Enables the hardware switching of the unicast traffic for an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-536 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls switching unicast mls switching unicast To enable the hardware switching of the unicast traffic for an interface, use the mls switching unicast command. To disable the hardware switching of the unicast traffic for an interface, use the no form of this command. mls switching unicast no mls switching unicast Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to enable the hardware switching for an interface: Router(config-if)# mls switching unicast Router(config-if)# This example shows how to disable the hardware switching for an interface: Router(config-if)# no mls switching unicast Router(config-if)# Related Commands Command Description mls switching Enables hardware switching. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-537 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls verify mls verify To enable hardware packet parsing error checks, use the mls verify command. To disable Layer 3 error checking in the hardware, use the no form of this command. mls verify {ip | ipx} {checksum | {length {consistent | minimum}} | same-address | syslog} no mls verify {ip | ipx} {checksum | {length {consistent | minimum}} same-address | syslog} Syntax Description ip Specifies the IP checksum errors. ipx Specifies the IPX checksum errors. checksum Specifies the checksum-error check. length consistent Checks the length in the header against the physical frame length. length minimum Checks the minimum packet length. same-address Checks for the packets that have equal source and destination IP addresses. syslog Defaults Specifies the syslog packet parse error traps. The default settings are as follows: • checksum • same-address is disabled. • syslog is disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The IP too-short packets are the IP packets with an IP header length or IP total length field that is smaller than 20 bytes. When you enter the mls verify ip length minimum command, valid IPv4 packets are switched in the hardware only if the IP protocol fields are equal to one of the following types: • ICMP (1) • IGMP (2) • IP (4) • TCP (6) • UDP (17) • IPv6 (41) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-538 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mls verify • GRE (47) • SIPP-ESP (50) When you enter the no mls verify ip length minimum command, too-short packets are switched in the hardware. The too-short packets that have IP protocol = 6 (TCP) are sent to the software. To prevent packets with the same source and destination IP address from being switched in the hardware, use the mls verify ip same-address command. Examples This example shows how to enable Layer 3 error checking in the hardware: Router(config)# mls verify ip checksum Router(config)# This example shows how to disable Layer 3 error checking in the hardware: Router(config)# no mls verify ip checksum Router(config)# This example shows how to prevent packets with the same source and destination IP address from being switched in the hardware: Router(config)# mls verify ip same-address Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-539 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mobility mobility To configure the wireless mGRE tunnels, use the mobility command. To return to the default settings, use the no form of this command. mobility {network-id id} | {tcp adjust-mss} mobility [trust | broadcast] Syntax Description network-id id Specifies the wireless network ID for the mGRE tunnel; valid values are from 1 to 4095. tcp adjust-mss Adjusts the MSS value in TCP SYN and TCP ACK on the access points automatically. trust (Optional) Specifies the trusted network. broadcast (Optional) Specifies that the mGRE tunnel convert the NBMA to the BMA. Defaults Untrusted network Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on Catalyst 6500 series switches that are configured with a WLSM only. The tcp adjust-mss keywords are supported on mGRE tunnel interfaces only. You can enter the ip tcp adjust-mss value command to change the TCP MSS to a lower value. A trusted network can use DHCP or a static IP address. An untrusted network supports only DHCP clients. Examples This example shows how to specify the network identification number for the mGRE tunnel: Router (config-if)# mobility network-id 200 Router (config-if)# This example shows how to specify the trusted network: Router (config-if)# mobility trust Router (config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-540 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mobility This example shows how to specify that the mGRE tunnel convert the NBMA to the BMA: Router (config-if)# mobility broadcast Router (config-if)# This example shows how to adjust the MSS value in TCP SYN and TCP ACK on the access points automatically: Router (config-if)# mobility tcp adjust-mss Router (config-if)# Related Commands Command Description ip tcp adjust-mss Adjusts the MSS value of TCP SYN packets going through a router. show mobility Displays information about the Layer 3 mobility and the wireless network. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-541 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mode mode To set the redundancy mode, use the mode command. mode {rpr | rpr-plus | sso} Syntax Description Defaults rpr Specifies RPR mode. rpr-plus Specifies RPR+ mode. sso Specifies SSO mode. The defaults are as follows: • SSO mode if the system is not configured for redundancy and the active and standby supervisor engines have the same image. • RPR mode if different versions are installed. • If redundancy is enabled, the default is the mode that you have configured. Command Modes Redundancy configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The rpr-plus keywords are not supported by the Supervisor Engine 32 PISA. NSF with SSO redundancy mode supports IPv4. NSF with SSO redundancy mode does not support IPv6, IPX, and MPLS. If you have configured MPLS on the Catalyst6500 seriessw itch with redundant supervisor engines, you must configure the Catalyst 6500 series switch in RPR mode. The switch should not be running in the default mode of SSO. Enter the redundancy command in global configuration mode to enter redundancy configuration mode. You can enter the mode command within redundancy configuration mode. The standby supervisor engine reloads on any change of mode and begins to work in the current mode. Examples This example shows how to set the redundancy mode to SSO: Router(config)# redundancy Router(config-red)# mode sso Router(config-red)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-542 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mode Related Commands Command Description redundancy Enters redundancy configuration mode. redundancy force-switchover Forces a switchover from the active to the standby supervisor engine. route-converge-interval Configures the time interval after which the old FIB entries are purged. show redundancy Displays RF information. show running-config Displays the status and configuration of the module or Layer 2 VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-543 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mode dot1q-in-dot1q access-gateway mode dot1q-in-dot1q access-gateway To enable a Gigabit Ethernet WAN interface to act as a gateway for QinQ VLAN translation, use the mode dot1q-in-dot1q access-gateway command. To disable the QinQ VLAN translation on the interface, use the no form of this command. mode dot1q-in-dot1q access-gateway no mode dot1q-in-dot1q access-gateway Syntax Description This command has no keywords or arguments. Defaults Disabled Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on the Gigabit Ethernet WAN interfaces on Catalyst 6500 series switches that are configured with an OSM-2+4GE-WAN+ OSM module only. 802.1Q provides a trunking option that tags packets with two VLAN tags to allow multiple VLANs to be trunked together across an intermediate network. This use of a double-tagged tunnel is also referred to as QinQ tunneling. The mode dot1q-in-dot1q access-gateway command enhances QinQ tunneling by tagging packets with two VLAN tags to allow multiple VLANs to be trunked together across an intermediate network. A double-tagged tunnel performs the following functions: • Switches packets that are tagged with two 802.1Q VLAN tags to a destination service that is based on a combination of VLAN tags. • Supports traffic shaping based on the VLAN tags. • Copies the 802.1P prioritization bits (P bits) from the inner (customer) VLAN tag to the outer (service provider) VLAN tag. You can also combine multiple GE-WAN interfaces into a virtual port-channel interface to enable QinQ link bundling. Combining the interfaces not only simplifies the configuration but allows the GE-WAN OSM to load balance the PE VLANs among the physical interfaces that are members of the bundle. In addition, if one interface member of the link bundle goes down, its PE VLANs are automatically reallocated to the other members of the bundle. Note You must remove all IP addresses that have been configured on the interface before using the mode dot1q-in-dot1q access-gateway command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-544 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mode dot1q-in-dot1q access-gateway After configuring the mode dot1q-in-dot1q access-gateway command, use the bridge-domain (subinterface configuration) command to configure the VLAN mapping to be used on each subinterface. Caution Examples Using the mode dot1q-in-dot1q access-gateway command on an interface automatically deletes all the subinterfaces that might be configured on the interface. It also releases any internal VLANs that might have been previously used on the interface and its subinterfaces, allowing them to be reused for QinQ translation. Using the no form of the command deletes all subinterfaces and releases any VLANs that are currently being used by the interface and subinterface. We recommend that you save the interface configuration before entering the mode dot1q-in-dot1q access-gateway command. Note Port-channel interface counters (as shown by the show counters interface port-channel and show interface port-channel counters commands) are not supported for channel groups that are using GE-WAN interfaces for QinQ link bundling. The show interface port-channel {number | number.subif} command (without the counters keyword) is supported, however. Tip The mls qos trust command has no effect on a GE-WAN interface or port-channel group that has been configured with the mode dot1q-in-dot1q access-gateway command. These interfaces and port channels always trust the VLAN CoS bits in this configuration. This example shows a typical configuration for the mode dot1q-in-dot1q access-gateway command: Router# configure terminal Router(config)# interface GE-WAN 4/1 Router(config-if)# mode dot1q-in-dot1q access-gateway Router(config-if)# This example shows the system message that appears when you try to configure the mode dot1q-in-dot1q access-gateway command without first removing the IP address configuration: Router# configure terminal Router(config)# interface GE-WAN 3/0 Router(config-if)# mode dot1q-in-dot1q access-gateway % interface GE-WAN3/0 has IP address 192.168.100.101 configured. Please remove the IP address before configuring 'mode dot1q-in-dot1q access-gateway' on this interface. Router(config-if)# no ip address 192.168.100.101 255.255.255 Router(config-if)# mode dot1q-in-dot1q access-gateway Router(config-if)# This example shows how to disable QinQ mapping on an interface by using the no form of the mode dot1q-in-dot1q access-gateway command. In addition, this command automatically removes all subinterfaces on the interface and all of the subinterface QinQ mappings (configured with the bridge-domain (subinterface configuration) command) and service policies. Router# configure terminal Router(config)# interface GE-WAN 3/0 Router(config-if)# no mode dot1q-in-dot1q access-gateway Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-545 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mode dot1q-in-dot1q access-gateway This example shows a virtual port-channel interface that was created and assigned with two GE-WAN interfaces. The mode dot1q-in-dot1q access-gateway command is then enabled on the port-channel interface to allow it to act as a QinQ link bundle: Router(config)# interface port-channel 20 Router(config-if)# interface GE-WAN 3/0 Router(config-if)# port-channel 20 mode on Router(config-if)# interface GE-WAN 3/1 Router(config-if)# port-channel 20 mode on Router(config-if)# interface port-channel 20 Router(config-if)# no ip address Router(config-if)# mode dot1q-in-dot1q access-gateway Router(config-if)# This example shows the error message that appears if you attempt to enable QinQ translation on a port-channel interface that contains one or more invalid interfaces: Router# configure terminal Router(config)# interface port-channel 30 7600-2(config-if)# mode dot1q-in-dot1q access-gateway % 'mode dot1q-in-dot1q access-gateway' is not supported on Port-channel30 % Port-channel30 contains 2 Layer 2 Gigabit Ethernet interface(s) Router(config-if)# Related Commands Command Description bridge-domain (subinterface configuration) Binds a PVC to the specified vlan-id. class-map Accesses the QoS class map configuration mode to configure QoS class maps. policy-map Accesses QoS policy-map configuration mode to configure the QoS policy map. service-policy Attaches a policy map to an interface. set cos cos-inner (policy-map configuration) Sets the 802.1Q prioritization bits in the trunk VLAN tag of a QinQ-translated outgoing packet with the priority value from the inner customer-edge VLAN tag. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-546 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor event-trace (EXEC) monitor event-trace (EXEC) To control the event trace function for a specified Cisco IOS software subsystem component, use the monitor event-trace command. monitor event-trace all-traces {{continuous [cancel]} | {dump [merged] [pretty]}} monitor event-trace l3 {clear | {continuous [cancel]} | disable | {dump [pretty]} | enable | {interface type mod/port} | one-shot} monitor event-trace spa {clear | {continuous [cancel]} | disable | {dump [pretty]} | enable | one-shot} monitor event-trace subsys {clear | {continuous [cancel]} | disable | {dump [pretty]} | enable | one-shot} Syntax Description all-traces Displays the configured merged-event traces. continuous Displays the latest event trace entries continuously. cancel (Optional) Cancels the continuous display of latest trace entries. dump Writes the event trace results to the file configured using the monitor event-trace (global configuration) command. merged (Optional) Dumps the entries in all event traces sorted by time. pretty (Optional) Saves the event trace message in an ASCII format. l3 Displays information about the Layer 3 trace. clear Clears the trace. disable Turns off event tracing for the specified component. enable Turns on event tracing for the specified component. interface type mod/port Specifies the interface to be logged. one-shot Clears any existing trace information from the memory, starts event tracing again, and disables the trace when the trace reaches the size specified using the monitor event-trace (global configuration) command. spa Displays information about the SPA trace. subsys Displays information about the initial trace of the subsystem. Defaults Trace information is saved in a binary format. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-547 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor event-trace (EXEC) Usage Guidelines Use the monitor event-trace (EXEC) command to control what, when, and how event trace data is collected. Use this command after you have configured the event trace functionality on the networking device using the monitor event-trace (global configuration) command. The trace messages are saved in a binary format. Note The amount of data collected from the trace depends on the trace message size configured using the monitor event-trace (global configuration) command for each instance of a trace. Cisco IOS software allows for the subsystem components to define whether support for event tracing is enabled or disabled at boot. You can enable or disable event tracing in two ways: using the monitor event-trace (EXEC) command or using the monitor event-trace (global configuration) command. To enable event tracing again, you would enter the enable form of either of these commands. To determine whether a subsystem has enabled or disabled event tracing, use the monitor event-trace ? command to get a list of software components that support event tracing. To determine whether event tracing is enabled by default for the subsystem, use the show monitor event-trace command to view trace messages. Use the show monitor event-trace command to display trace messages. Use the monitor event-trace component dump command to save trace message information for a single event. By default, trace information is saved in a binary format. If you want to save trace messages in an ASCII format, possibly for additional application processing, use the monitor event-trace component dump pretty command. To write the trace messages for all events currently enabled on a networking device to a file, enter the monitor event-trace dump-file (global configuration) command. To configure the file where you want to save trace information, use the monitor event-trace (global configuration) command. Examples This example shows how to stop event tracing, clear the current memory, and reenable the trace function for the SPA component. This example assumes that the tracing function is configured and enabled on the networking device. Router# monitor event-trace spa disable Router# monitor event-trace spa clear Router# monitor event-trace spa enable This example shows how you can use the one-shot keyword to accomplish the same function as the previous example except that you do not have to enter as many commands. Once the size of the trace message file has been exceeded, the trace is terminated. Router# monitor event-trace spa one-shot Router# This example shows how to write the trace messages for an event in a binary format. The trace messages for the IPC component are written to a file as follows: Router# monitor event-trace ipc dump Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-548 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor event-trace (EXEC) This example shows how to write the trace messages for an event in an ASCII format. In this example, the trace messages for the MBUS component are written to a file. Router# monitor event-trace mbus dump pretty Router# Related Commands Command Description monitor event-trace (global configuration) Configures event tracing for a specified Cisco IOS software subsystem component. show monitor event-trace Displays event trace messages for Cisco IOS software subsystem components. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-549 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor event-trace (global configuration) monitor event-trace (global configuration) To configure event tracing for a specified Cisco IOS software subsystem component, use the monitor event-trace (global) command. To change the default setting to enable or disable event tracing, see the “Usage Guidelines” section for this command. monitor event-trace all-traces dump-file filename monitor event-trace l3 {disable | dump-file filename | enable | size number | {stacktrace [depth]}} monitor event-trace sequence-number monitor event-trace spa {disable | dump-file filename | enable | size number | {stacktrace [depth]}} monitor event-trace stacktrace monitor event-trace subsys {disable | dump-file filename | enable | size number | {stacktrace [depth]}} monitor event-trace timestamps [{datetime [localtime] [msec] [show-timezone]} | uptime] Syntax Description Defaults dump-file filename Specifies the URL to store the dump file containing the merged traces. l3 Displays information about the Layer 3 trace. disable Turns off event tracing. enable Turns on event tracing. size number Sets the number of messages that can be written to memory for a single instance of a trace; valid values are from 1 to 65536 messages. stacktrace Displays the stack trace stored with event trace entries. depth (Optional) Trace call stack at tracepoints; valid values are from 1 to 16. sequence-number Displays the event trace entries with a sequence number. spa Displays information about the SPA trace. subsys Displays information about the initial trace of the subsystem. timestamps Displays information about the format of event trace time stamps. datetime (Optional) Displays information about the format of event trace time stamps. localtime (Optional) Displays information about the format of event trace time stamps and includes the date and time. msec (Optional) Includes milliseconds in the time stamp. show-timezone (Optional) Displays information about the format of event trace time stamps and includes time zone information. uptime (Optional) Displays time-stamped information about the system uptime. Enabled or disabled depending on the software component. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-550 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor event-trace (global configuration) Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Event tracing is intended for use as a software diagnostic tool and should be configured only under the direction of a TAC representative. In Cisco IOS software images that do not provide subsystem support for the event trace function, the monitor event-trace (global configuration) command is not available. Cisco IOS software allows the subsystem components to define whether support for event tracing is enabled or disabled by default. The command interface for event tracing allows users to change the default two ways: using the monitor event-trace (EXEC) command or using the monitor event-trace (global configuration) command. Additionally, default settings do not show up in the configuration file. If the subsystem software enables event tracing by default, the monitor event-trace component enable command will not show up in the configuration file of the networking device; however, disabling event tracing that has been enabled by default by the subsystem will create a line in the configuration file. Note The amount of data collected from the trace depends on the trace message size configured using the monitor event-trace (global configuration) command for each instance of a trace. When the number of event trace messages in memory exceeds the size, new messages will begin to overwrite the older messages in the file. The maximum filename length (path and filename) is 100 characters and the path can point to flash memory on the networking device or to a TFTP or FTP server. To determine whether a subsystem has enabled or disabled event tracing, use the monitor event-trace ? command to get a list of software components that support event tracing. To determine whether event tracing is enabled by default for the subsystem, use the show monitor event-trace command to view trace messages. To specify the trace call stack at tracepoints, you must clear the trace buffer first. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-551 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor event-trace (global configuration) Examples This example shows how to stop event tracing, clear the current memory, and reenable the trace function for the SPA component. This example assumes that the tracing function is configured and enabled on the networking device. Router(config)# monitor event-trace spa disable Router(config)# monitor event-trace spa clear Router(config)# monitor event-trace spa enable Related Commands Command Description monitor event-trace (EXEC) Controls the event trace function for a specified Cisco IOS software subsystem component. show monitor event-trace Displays event trace messages for Cisco IOS software subsystem components. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-552 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor permit-list monitor permit-list To configure a destination port permit list or add to an existing destination port permit list, use the monitor permit-list command. To delete from or clear an existing destination port permit list, use the no form of this command. monitor permit-list monitor permit-list destination {interface type} {slot/port[-port] [, type slot/port - port] no monitor permit-list no monitor permit-list destination {interface type} {slot/port[-port] [, type slot/port - port] Syntax Description destination Specifies a destination port. interface type Specifies the interface type; valid values are ethernet, fastethernet, gigabitethernet, or tengigabitethernet. slot/port Slot and port number. -port (Optional) Range of ports. , (Optional) Additional interface type and range of ports. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines To prevent accidental configuration of ports as destinations, you can create a permit list of the ports that are valid for use as destinations. With a destination port permit list configured, you can only configure the ports in the permit list as destinations. Examples This example shows how to configure a destination port permit list that includes Gigabit Ethernet ports 5/1 through 5/4 and 6/1: Router# configure terminal Router(config)# monitor permit-list Router(config)# monitor permit-list destination interface gigabitethernet 5/1-4, gigabitethernet 6/1 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-553 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor permit-list Related Commands Command Description show monitor permit-list Displays the permit-list state and interfaces configured. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-554 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session monitor session To start a new ERSPAN, SPAN, or RSPAN session, add or delete interfaces or VLANs to or from an existing session, filter ERSPAN, SPAN, or RSPAN traffic to specific VLANs, or delete a session, use the monitor session command. To remove one or more source or destination interfaces from the session, remove a source VLAN from the session, or delete a session, use the no form of this command. monitor session session source {{interface type} | {{vlan vlan-id} [rx | tx | both]} | {remote vlan rspan-vlan-id}} monitor session session destination {{interface type} | {vlan vlan-id} | {remote vlan vlan-id} | {analysis-module slot-number} | {data-port port-number}} monitor session session-number filter vlan vlan-range monitor session servicemodule mod-list monitor session session-number type {erspan-source | erspan-destination} no monitor session {{range session-range} | local | remote | all | session} no monitor session session source {{interface type} | {{vlan vlan-id} [rx | tx | both]} | {remote vlan rspan-vlan-id}} no monitor session session destination {{interface type} | {vlan vlan-id} | {remote vlan vlan-id} | {analysis-module slot-number} | {data-port port-number}} Syntax Description session Number of the SPAN session; valid values are from 1 to 66. source Specifies the SPAN source. interface type Specifies the interface type; see the “Usage Guidelines” section for formatting information. vlan vlan-id Specifies the VLAN ID; valid values are from 1 to 4094. rx (Optional) Specifies the monitor-received traffic only. tx (Optional) Specifies the monitor-transmitted traffic only. both (Optional) Specifies the monitor-received and monitor-transmitted traffic. remote vlan rspan-vlan-id Specifies the RSPAN VLAN as a destination VLAN. destination Specifies the SPAN-destination interface. analysis-module slot-number Specifies the network analysis module number; see the “Usage Guidelines” section for additional information. data-port port-number Specifies the data-port number; see the “Usage Guidelines” section for additional information. filter vlan vlan-range Limits SPAN-source traffic to specific VLANs. servicemodule Specifies service modules. mod-list (Optional) List of service module numbers. type erspan-source Enters the ERSPAN source-session configuration mode; see the monitor session type command for additional information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-555 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session Defaults type erspan-destination Enters the ERSPAN destination-session configuration mode; see the monitor session type command for additional information. range session-range Specifies the range of sessions. local Specifies the local session. remote Specifies the remote session. all Specifies all sessions. The defaults are as follows: • both. • servicemodule—All service modules are allowed to use the SPAN servicemodule session. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-556 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session Usage Guidelines Note Be careful when configuring SPAN-type source ports that are associated to SPAN-type destination ports because you do not configure SPAN on high-traffic interfaces. If you configure SPAN on high-traffic interfaces, you may saturate replication engines and interfaces. To configure SPAN-type source ports that are associated to SPAN-type destination ports, enter the monitor session session source {{interface type} | {{vlan vlan-id} [rx | tx | both]} | {remote vlan rspan-vlan-id}} command. Use these formatting guidelines when configuring monitor sessions: • interface and single-interface formats are type slot/port; valid values for type are ethernet, fastethernet, gigabitethernet, or tengigabitethernet. • An interface-list is a list of interfaces that are separated by commas. Insert a space before and after each comma as shown in this example: single-interface , single-interface , single-interface ... • An interface-range is a range of interfaces that are separated by dashes. Insert a space before and after each dash. To enter multiple ranges, separate each range with a comma as shown in this example: type slot/first-port - last-port • A mixed-interface-list is a mixed list of interfaces. Insert a space before and after each dash and comma as shown in this example: single-interface, interface-range , ... in any order. • A single-vlan is an ID number of a single VLAN; valid values are from 1 to 4094. • A vlan-list is a list of VLAN IDs that are separated by commas. An example is shown as follows: single-vlan , single-vlan , single-vlan ... • A vlan-range is a range of VLAN IDs that are separated by dashes. An example is shown as follows: first-vlan-ID - last-vlan-ID • A mixed-vlan-list is a mixed list of VLAN IDs. Insert a space before and after each dash. To enter multiple ranges, separate each VLAN ID with a comma as shown in this example: single-vlan , vlan-range , ... in any order The analysis-module slot-number and the data-port port-number keywords and arguments are supported on Network Analysis Modules only. The number of valid values for port-channel number are a maximum of 64 values ranging from 1 to 256. You cannot share the destination interfaces among SPAN sessions. For example, a single destination interface can belong to one SPAN session only and cannot be configured as a destination interface in another SPAN session. The local SPAN, RSPAN, and ERSPAN session limits are as follows: Total Sessions Local SPAN, RSPAN Source, or ERSPAN Source Sessions RSPAN Destination Sessions ERSPAN Destination Sessions 66 2 (ingress or egress or both) 64 23 The local SPAN, RSPAN, and ERSPAN source and destination limits are as follows: Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-557 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session In Each Local SPAN Session In Each RSPAN Source Session In Each ERSPAN Source Session Egress or ingress and egress sources 128 128 In Each RSPAN Destination Session In Each ERSPAN Destination Session — — — — 128 Ingress sources 128 128 128 RSPAN and ERSPAN destination session sources — — — Destinations per session 64 1 RSPAN VLAN 1 IP address 1 RSPAN VLAN 1 IP address 64 64 A particular SPAN session can either monitor the VLANs or monitor individual interfaces—you cannot have a SPAN session that monitors both specific interfaces and specific VLANs. If you first configure a SPAN session with a source interface, and then try to add a source VLAN to the same SPAN session, you get an error. You also get an error if you configure a SPAN session with a source VLAN and then try to add a source interface to that session. You must first clear any sources for a SPAN session before switching to another type of source. If you enter the filter keyword on a monitored trunk interface, only traffic on the set of specified VLANs is monitored. The port-channel interfaces display in the list of interface options if you have them configured. The VLAN interfaces are not supported. However, you can span a particular VLAN by entering the monitor session session source vlan vlan-id command. The show monitor command displays the SPAN servicemodule session only if it is allocated in the system. It also displays a list of allowed modules and a list of active modules that can use the servicemodule session. Only the no form of the monitor session servicemodule command is displayed when you enter the show running-config command. If no module is allowed to use the servicemodule session, the servicemodule session is automatically deallocated. If at least one module is allowed to use the servicemodule session and at least one module is online, the servicemodule session is automatically allocated. If you allow or disallow a list of modules that are not service modules from using the servicemodule session, there will be no effect on the allocation or deallocation of the servicemodule session. Only the list of modules is saved in the configuration. If you disable the SPAN servicemodule session with the no monitor session servicemodule command, allowing or disallowing a list of modules from using the servicemodule session has no effect on the allocation or deallocation of the servicemodule session. Only the list of modules is saved in the configuration. The monitor session servicemodule command is accepted even if there are no modules physically inserted in any slot. Examples This example shows how to configure multiple sources for a session: Router(config)# monitor session 2 source interface fastethernet 5/15 , 7/3 rx Router(config)# monitor session 2 source interface gigabitethernet 1/2 tx Router(config)# monitor session 2 source interface port-channel 102 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-558 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session Router(config)# monitor session 2 source filter vlan 2 - 3 Router(config)# monitor session 2 destination remote vlan 901 This example shows how to configure an RSPAN destination in the final switch (RSPAN destination session): Router(config)# monitor session 8 source remote vlan 901 Router(config)# monitor session 8 destination interface fastethernet 1/2 , 2/3 This example shows how to clear the configuration for sessions 1 and 2: Router(config)# no monitor session 1 - 2 Router(config)# This example shows how to clear the configuration for all sessions: Router(config)# no monitor session all Router(config)# This example shows how to clear the configuration for all remote sessions: Router(config)# no monitor session remote Router(config)# This example shows how to allow a list of modules to use the SPAN servicemodule session: Router(config)# monitor session servicemodule module 1-2 Router(config)# This example shows how to disallow a list of modules from using the SPAN servicemodule session: Router(config)# no monitor session servicemodule module 1-2 Router(config)# Related Commands Command Description remote-span Configures a VLAN as an RSPAN VLAN. show monitor session Displays information about the ERSPAN, SPAN, and RSPAN sessions. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-559 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session type monitor session type To create an ERSPAN source session number or enter the ERSPAN session configuration mode for the session, use the monitor session type command. To remove one or more source or destination interfaces from the ERSPAN session, use the no form of this command. monitor session erspan-session-number type {erspan-destination | erspan-source} no monitor session erspan-session-number type {erspan-destination | erspan-source} Syntax Description erspan-session-number Number of the SPAN session; valid values are from 1 to 66. type erspan-destination Specifies the ERSPAN destination-session configuration mode. type erspan-source Specifies the ERSPAN source-session configuration mode. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines ERSPAN is supported on hardware revision 3.2 or higher. Enter the show module version | include WS-SUP720-BASE command to display the hardware revision. ERSPAN traffic is GRE-encapsulated SPAN traffic that can only be processed by an ERSPAN destination session. All ERSPAN source sessions on a switch must use the same source IP address. You enter the origin ip address command to configure the IP address for the ERSPAN source sessions. All ERSPAN destination sessions on a switch must use the same IP address. You enter the ip address command to configure the IP address for the ERSPAN destination sessions. If the ERSPAN destination IP address is not a Supervisor Engine 32 PISA (for example, it is a network sniffer), the traffic arrives with the GRE and RSPAN headers/encapsulation intact. The ERSPAN source session destination IP address, which must be configured on an interface on the destination switch, is the source of traffic that an ERSPAN destination session sends to the destination ports. You configure the same address in both the source and destination sessions with the ip address command. The ERSPAN ID differentiates the ERSPAN traffic arriving at the same destination IP address from different ERSPAN source sessions. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-560 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session type The local ERSPAN session limits are as follows: • Total sessions—66 • Source sessions—2 (ingress or egress or both) • Destination sessions—23 The monitor session type command creates a new ERSPAN session or allows you to enter the ERSPAN session configuration mode. ERSPAN uses separate source and destination sessions. You configure the source and destination sessions on different switches. The ERSPAN session configuration mode prompts are as follows: • Router(config-mon-erspan-src)—Indicates the ERSPAN source session configuration mode. • Router(config-mon-erspan-src-dst)—Indicates the ERSPAN source session destination configuration mode. • Router(config-mon-erspan-dst)—Indicates the ERSPAN destination session configuration mode. • Router(config-mon-erspan-dst-src)—Indicates the ERSPAN destination session source configuration mode Table 2-25 lists the ERSPAN destination session configuration mode syntaxes. Table 2-25 ERSPAN Destination Session Configuration Mode Syntaxes Syntax Description Global Configuration Mode monitor session erspan-destination-session-number type erspan-destination Enters ERSPAN destination session configuration mode and changes the prompt to the following: Router(config-mon-erspan-dst)# Destination Session Configuration Mode description session-description (Optional) Describes the ERSPAN destination session. shutdown (Optional) (Default) Inactivates the ERSPAN destination session. no shutdown Activates the ERSPAN destination session. destination {single-interface | interface-list | interface-range | mixed-interface-list} Associates the ERSPAN destination session number with the destination ports. source Enters ERSPAN destination session source configuration mode and changes the prompt to the following: Router(config-mon-erspan-dst-src)# Destination Session Source Configuration Mode ip address ip-address [force] Configures the ERSPAN flow destination IP address, which must also be configured on an interface on the destination switch and be entered in the ERSPAN destination session configuration. erspan-id erspan-flow-id Configures the ID number used by the destination and destination sessions to identify the ERSPAN traffic. vrf vrf-name (Optional) Configures the VRF name of the packets in the ERSPAN traffic. Table 2-26 lists the ERSPAN source session configuration mode syntaxes. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-561 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session type Table 2-26 ERSPAN Source Session Configuration Mode Syntaxes Syntax Description Global Configuration Mode monitor session erspan-source-session-number type erspan-source Enters ERSPAN source session configuration mode and changes the prompt to the following: Router(config-mon-erspan-src)# Source Session Configuration Mode description session-description (Optional) Describes the ERSPAN source session. shutdown (Optional) (Default) Inactivates the ERSPAN source session. no shutdown Activates the ERSPAN source session. source {{single-interface | interface-list | interface-range | mixed-interface-list | single-vlan | vlan-list | vlan-range | mixed-vlan-list} [rx | tx | both]} Associates the ERSPAN source session number with the source ports or VLANs, and selects the traffic direction to be monitored. filter {single-vlan | vlan-list | vlan-range | mixed-vlan-list} (Optional) Configures source VLAN filtering when the ERSPAN source is a trunk port. destination Enters ERSPAN source session destination configuration mode and changes the prompt to the following: Router(config-mon-erspan-src-dst)# Source Session Destination Configuration Mode ip address ip-address Configures the ERSPAN flow destination IP address, which must also be configured on an interface on the destination switch and be entered in the ERSPAN destination session configuration. erspan-id erspan-flow-id Configures the ID number used by the source and destination sessions to identify the ERSPAN traffic. origin ip address ip-address Configures the IP address used as the source of the ERSPAN traffic. ip {{ttl ttl-value} | {prec ipp-value} | {dscp dscp-value}} (Optional) Configures the following packet values in the ERSPAN traffic: vrf vrf-name • ttl ttl-value—IP time-to-live (TTL) value • prec ipp-value—IP-precedence value • dscp dscp-value—IP-precedence value (Optional) Configures the VRF name of the packets in the ERSPAN traffic. When you configure the monitor sessions, follow these syntax guidelines: • erspan-destination-span-session-number can range from 1 to 66. • single-interface is interface type slot/port; type is ethernet, fastethernet, gigabitethernet, or tengigabitethernet. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-562 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session type • interface-list is single-interface , single-interface , single-interface ... Note In lists, you must enter a space before and after the comma. In ranges, you must enter a space before and after the dash. • interface-range is interface type slot/first-port - last-port . • mixed-interface-list is, in any order, single-interface , interface-range , ... • erspan-flow-id can range from 1 to 1023. When you clear the monitor sessions, follow these syntax guidelines: • The no monitor session session-number command entered with no other parameters clears the session session-number. • session-range is first-session-number-last-session-number. Note Examples When you enter the no monitor session range command, do not enter spaces before or after the dash. If you enter multiple ranges, do not enter spaces before or after the commas. This example shows how to configure an ERSPAN source session number and enter the ERSPAN source session configuration mode for the session: Router(config)# monitor session 55 type erspan-source Router(config-mon-erspan-src)# This example shows how to configure an ERSPAN destination session number and enter the ERSPAN destination session configuration mode for the session: Router(config)# monitor session 55 type erspan-destination Router(config-mon-erspan-dst)# This example shows how to associate the ERSPAN destination session number with the destination ports: Router(config-mon-erspan-dst) destination interface fastethernet 1/2 , 2/3 This example shows how to enter the ERSPAN destination session source configuration: Router(config-mon-erspan-dst)# source Router(config-mon-erspan-dst-src)# This example shows how to enter the ERSPAN destination session source configuration mode: Router(config-mon-erspan-dst)# source Router(config-mon-erspan-dst-src)# This example shows how to configure multiple sources for a session: Router(config-mon-erspan-src)# Router(config-mon-erspan-src)# Router(config-mon-erspan-src)# Router(config-mon-erspan-src)# Router(config-mon-erspan-src)# source source source source interface fastethernet 5/15 , 7/3 rx interface gigabitethernet 1/2 tx interface port-channel 102 filter vlan 2 - 3 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-563 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA monitor session type This example shows how to enter the ERSPAN source session destination configuration mode: Router(config-mon-erspan-src)# destination Router(config-mon-erspan-src-dst)# This example shows how to configure the ID number that is used by the source and destination sessions to identify the ERSPAN traffic: Router(config-mon-erspan-src-dst)# erspan-id 1005 Router(config-mon-erspan-src-dst)# Related Commands Command Description show monitor session Displays information about the ERSPAN, SPAN, and RSPAN sessions. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-564 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mpls l2transport route mpls l2transport route To enable routing of Layer 2 packets over MPLS, use the mpls l2transport route command. To disable routing over MPLS, use the no form of this command. mpls l2transport route destination vc-id no mpls l2transport route destination vc-id Syntax Description destination IP address of the router to which the virtual circuit is destined. vc-id Virtual-circuit identification to a router. Defaults This command has no default settings. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The mpls l2transport route command enables the virtual connection used to route the VLAN packets. The types of virtual connections used are as follows: • VC Type 4—Allows all the traffic in a VLAN to use a single VC across the MPLS network. • VC Type 5—Allows all traffic on a port to share a single VC across the MPLS network. During the VC setup, VC type 5 is advertised. If the peer advertises VC type 4, the VC type is changed to type 4 and the VC is restarted. Note that the change only happens from type 5 to type 4 and never from type 4 to type 5. An MPLS VLAN virtual circuit in Layer 2 runs across an MPLS cloud to connect the VLAN interfaces on two PE routers. Use the mpls l2transport route command on the VLAN interface of each PE router to route the VLAN packets in Layer 2 across the MPLS cloud to the VLAN interface of the other PE router. Specify the IP address of the other PE router for the destination parameter. Do not specify the IP address of the router from which you are issuing the command. You can choose any value for the virtual-connection ID. However, the virtual-circuit ID must be unique to the virtual connection. In large networks, you may need to track the virtual-connection ID assignments to ensure that a virtual-connection ID does not get assigned twice. The routed virtual connections are supported on the main interfaces, not subinterfaces. The virtual-circuit ID must be unique to each virtual connection. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-565 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mpls l2transport route Examples This example shows how to enable routing of Layer 2 packets over MPLS: Router(config-if)# mpls l2transport route 192.16.0.1 Router(config-if)# Related Commands Command Description show mpls l2transport Displays the state of virtual circuits on a router. vc Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-566 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mpls load-balance per-label mpls load-balance per-label To enable the load balancing for the tag-to-tag traffic, use the mpls load-balance per-label command. To return to the default settings, use the no form of this command. mpls load-balance per-label no mpls load-balance per-label Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When you enable load balancing for the tag-to-tag traffic, the traffic is balanced based on the incoming label (per prefix) among MPLS interfaces. Each MPLS interface supports an equal number of incoming labels. You can use the show mpls ttfib command to display the incoming label (indicated by an asterisk) that is included in the load balancer. Examples This example shows how to enable the load balancing for the tag-to-tag traffic: Router(config)# mpls load-balance per-label Router(config)# This example shows how to disable the load balancing for the tag-to-tag traffic: Router(config)# no mpls load-balance per-label Router(config)# Related Commands Command Description show mpls ttfib Displays information about the MPLS TTFIB table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-567 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mpls ttl-dec mpls ttl-dec To specify standard MPLS tagging, use the mpls ttl-dec command. To return to the default settings, use the no form of this command. mpls ttl-dec no mpls ttl-dec Syntax Description This command has no arguments or keywords. Defaults Optimized MPLS tagging (no mpls ttl-dec). Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines MPLS tagging has been optimized to allow the rewriting of the original packet’s IP ToS and TTL values before the MPLS label is pushed onto the packet header. This change can result in a slightly lower performance for certain types of traffic. If the packet’s original ToS/TTL values are not significant, you enter the mpls ttl-dec command for standard MPLS tagging. Examples This example shows how to configure the Catalyst 6500 series switch to use standard MPLS tagging behavior: Router(config)# mpls ttl-dec Router(config)# This example shows how to configure the Catalyst 6500 series switch to use optimized MPLS tagging behavior: Router(config)# no mpls ttl-dec Router(config)# Related Commands Command Description mpls l2transport route Enables routing of Layer 2 packets over MPLS. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-568 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mtu mtu To adjust the maximum packet size or MTU size, use the mtu command. To return to the default settings, use the no form of this command. mtu bytes no mtu Syntax Description bytes Defaults Table 2-27 lists the default MTU values if you disable the jumbo frames. Byte size; valid values are from 64 to 9216 for SVI ports, from 1500 to 9170 for the GE-WAN+ ports, and from 1500 to 9216 for all other ports. Table 2-27 Default MTU Values Media Type Default MTU (bytes) Ethernet 1500 Serial 1500 Token Ring 4464 ATM 4470 FDDI 4470 HSSI (HSA) 4470 If you enable the jumbo frames, the default is 64 for the SVI ports and 9216 for all the other ports. The jumbo frames are disabled by default. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines For switch ports, only one larger-than-default MTU value is allowed globally. For Layer 3 ports, including router ports and VLANs, you can configure nondefault MTU values on a per-interface basis. For a complete list of modules that do not support jumbo frames, refer to the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Changing the MTU value with the mtu command can affect values for the protocol-specific versions of the command (for example, the ip mtu command). If the values that are specified with the ip mtu command are the same as the value that is specified with the mtu command, and you change the value for the mtu command, the ip mtu value automatically matches the new mtu command value. However, changing the values for the ip mtu command has no effect on the value for the mtu command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-569 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA mtu Examples This example shows how to specify an MTU of 1800 bytes: Router(config)# interface fastethernet 5/1 Router(config-if)# mtu 1800 Related Commands Command Description ip mtu Sets the MTU size of IP packets sent on an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-570 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA name (MST configuration submode) name (MST configuration submode) To set the name of an MST region, use the name command. To return to the default name, use the no form of this command. name name no name name Syntax Description name Defaults Empty string Command Modes MST configuration submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Caution Examples Name to give the MST region. It can be any string with a maximum length of 32 characters. Two or more Catalyst 6500 series switches with the same VLAN mapping and configuration version number are considered to be in different MST regions if the region names are different. Be careful when using the name command to set the name of an MST region. If you make a mistake, you can put the Catalyst 6500 series switch in a different region. The configuration name is a case-sensitive parameter. This example shows how to name a region: Router(config-mst)# name Cisco Router(config-mst)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-571 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA name (MST configuration submode) Related Commands Command Description instance Maps a VLAN or a set of VLANs to an MST instance. revision Sets the revision number for the MST configuration. show Verifies the MST configuration. show spanning-tree mst Displays the information about the MST protocol. spanning-tree mst configuration Enters MST-configuration submode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-572 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA neighbor neighbor To specify the type of tunnel signaling and encapsulation mechanism for each peer, use the neighbor command. To disable a split horizon, use the no form of this command. neighbor remote-router-id {encapsulation encapsulation-type} | {pw-class pw-name} [no-split-horizon] no neighbor remote-router-id Syntax Description remote-router-id Remote peering router identification. encapsulation encapsulation Specifies the tunnel encapsulation type; valid values are l2tpv3 and mpls. pw-class pw-name Specifies the pseudo-wire property to be used to set up the emulated VC. no-split-horizon (Optional) Disables the Layer 2 split horizon in the data path. Defaults Split horizon is enabled. Command Modes Layer 2 VFI manual configuration submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. To avoid looping, you should not disable a split horizon in a fully meshed Virtual PVLAN service (VPLS) network. Examples This example shows how to specify the tunnel encapsulation type: Router(config-vfi)# neighbor 333 encapsulation mpls Router(config-vfi)# This example shows how to disable the Layer 2 split horizon in the data path: Router(config-vfi)# neighbor 333 no-split-horizon Router(config-vfi)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-573 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA net net To configure an IS-IS NET for the routing process, use the net command. To remove a NET, use the no form of this command. net net1 {alt net2} no net net Syntax Description Defaults net1 NET NSAP name or address for the IS-IS routing process on the PISA in the primary slot; see the “Usage Guidelines” section for additional information. alt net2 Specifies the NET name or address for the IS-IS routing process on the PISA in the alternate slot; see the “Usage Guidelines” section for additional information. net NET NSAP name or address to be removed. The defaults are as follows: • No NET is configured. • IS-IS process is disabled. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines A NET is an NSAP where the last byte is always the n-selector and is always zero. A NET can be from 8 to 20 bytes. Under most circumstances, you should configure one NET only. When entering the net, use these guidelines: • In a 3-slot chassis, slot 1 is the primary slot and slot 2 is the alternate slot. • In a 6-slot chassis, slot 5 is the primary slot and slot 6 is the alternate slot. • In a 9-slot chassis, slot 5 is the primary slot and slot 6 is the alternate slot. • In a 13-slot chassis, slot 7 is the primary slot and slot 8 is the alternate slot. If you are using IS-IS to perform IP routing only (no connectionless network service routing is enabled), you must configure a NET to define the router ID and area ID. Multiple NETs per router are allowed with a maximum of three NETs. In rare circumstances, you can configure two or three NETs. In such a case, the area this router is in will have three area addresses and only one area. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-574 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA net Multiple NETs can be temporarily useful for network reconfiguration where multiple areas are merged, or where one area is split into more areas. Multiple area addresses enable you to renumber an area individually as needed. Examples This example shows how to configure a router with system ID 0000.0c11.1110 and area ID 47.0004.004d.0001: router isis Pieinthesky net 47.0004.004d.0001.0001.0c11.1111.00 This example shows three IS-IS routing processes with three areas that are configured. Each area has a unique identifier, but the system ID is the same for all areas. clns routing ... interface Tunnel529 ip address 10.0.0.5 255.255.255.0 ip router isis BB clns router isis BB interface Ethernet1 ip address 10.1.1.5 255.255.255.0 ip router isis A3253-01 clns router isis A3253-01 ! interface Ethernet2 ip address 10.2.2.5 255.255.255.0 ip router isis A3253-02 clns router isis A3253-02 ... router isis BB net 49.2222.0000.0000.0005.00 ! router isis A3253-01 net 49.0553.0001.0000.0000.0005.00 is-type level-1 ! router isis A3253-02 net 49.0553.0002.0000.0000.0005.00 is-type level-1 Related Commands ! Defaults to "is-type level-1-2" Command Description is-type Configures the routing level for an instance of the IS-IS routing process. router isis Enables the IS-IS routing protocol and specifies an IS-IS process. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-575 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA nsf nsf To enable and configure Cisco NSF, use the nsf command. To disable NSF, use the no form of this command. nsf [enforce global] nsf [{cisco | ietf} | {interface {wait seconds}} | {interval minutes} | {t3 [adjacency | {manual seconds}}] no nsf Syntax Description Defaults enforce global (Optional) Cancels OSPF NSF restart when non-NSF-aware neighbors are detected. cisco (Optional) Specifies the Cisco proprietary IS-IS NSF method of checkpointing if the active RP fails over. ietf (Optional) Specifies the IETF IS-IS NSF method of protocol modification if the active RP fails over. interface wait seconds (Optional) Specifies how long to wait for an interface to come up after failover before it proceeds with the Cisco NSF process; valid values are from 1 to 60 seconds. interval minutes (Optional) Specifies how long to wait after a route processor stabilizes before restarting; valid values are from 0 to 1440 minutes. t3 adjacency (Optional) Specifies that the time that IETF NSF waits for the LSP database to synchronize is determined by the adjacency holdtime advertised to the neighbors of the specified RP before switchover. t3 manual seconds (Optional) Specifies the time to wait after the NSF database synchronizes before informing other nodes to remove the restarting node from consideration as a transit; valid values are from 5 to 3600 seconds. The default settings are as follows: • NSF is disabled. • enforce global—Enabled. • interval minutes—5 minutes. • interface wait seconds—10 seconds. • t3 manual seconds—30 seconds. Command Modes Router configuration IS-IS Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-576 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA nsf Usage Guidelines Note The nsf interface wait command can be used if Cisco proprietary IS-IS NSF is configured or if the Internet Engineering Task Force (IETF) IS-IS NSF is enabled using the nsf t3 manual command. You can use this command if an interface is slow to come up. Cisco NSF is required only if the Catalyst 6500 series switch is expected to perform Cisco NSF during a restart. If the Catalyst 6500 series switch is expected to cooperate with a neighbor that is doing a Cisco NSF restart only, the switch must be NSF capable by default (running a version of code that supports Cisco NSF), but Cisco NSF does not have to be configured on the switch. The nsf commands are a subset of the router command and affects all the interfaces that are covered by the designated process. Cisco NSF supports the BGP, OSPF, IS-IS, and EIGRP protocols. The configuration commands that enable NSF processing are as follows: • nsf under the router ospf command • nsf ietf under the router isis command • bgp graceful-restart under the router bgp command These commands must be issued as part of the router’s running configuration. During the restart, these commands are restored to activate the NSF processing. The [{cisco | ietf} | {interface {wait seconds}} | {interval minutes} | {t3 [adjacency | {manual seconds}}] keywords and arguments apply to IS-IS only. The {enforce global} keywords apply to OSPF only. BGP NSF Guidelines BGP support in NSF requires that neighbor networking devices be NSF-aware devices; that is, they must have the graceful restart capability and advertise that capability in the OPEN message during session establishment. If an NSF-capable router discovers that a particular BGP neighbor does not have the graceful restart capability enabled, it will not establish an NSF-capable session with that neighbor. All other neighbors that have a graceful restart capability will continue to have NSF-capable sessions with this NSF-capable networking device. Enter the bgp graceful-restart router configuration command to enable the graceful restart capability. Refer to the Cisco IOS Release 12.2 Command Reference for more information. EIRGP NSF Guidelines A router may be an NSF-aware router but may not be participating in helping out the NSF restarting neighbor because it is coming up from a cold start. IS-IS NSF Guidelines If you configure IETF on the networking device, but neighbor routers are not IETF-compatible, NSF will abort after the switchover. Use these two keywords when configuring IS-IS NSF: • ietf—Internet Engineering Task Force IS-IS—After a supervisor engine switchover, the NSF-capable router sends the IS-IS NSF restart requests to the neighboring NSF-aware devices. • cisco—Cisco IS-IS. Full adjacency and LSP information is saved (checkpointed) to the standby supervisor engine. After a switchover, the newly active supervisor engine maintains its adjacencies using the checkpointed data to quickly rebuild its routing tables. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-577 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA nsf OSPF NSF Guidelines OSPF NSF requires that all neighbor networking devices be NSF-aware devices. If an NSF-capable router discovers that it has non-NSF aware neighbors on a particular network segment, it will disable the NSF capabilities for that segment. The other network segments that are composed entirely of NSF-capable or NSF-aware routers will continue to provide NSF capabilities. OSPF NSF supports N SF/SSO forIPv4 traffic only.OSPFv3 is not supported with NSF/SSO. Only OSPFv2 is supported with NSF/SSO. Examples This example shows how to enable NSF for all OSPF-process interfaces: Router(config)# router ospf 109 Router(config-router)# nsf Router(config-router)# This example shows how to disable NSF for all OSPF-process interfaces: Router(config)# router ospf 109 Router(config-router)# no nsf Router(config-router)# Related Commands Command Description router Enables a routing process. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-578 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA pagp learn-method pagp learn-method To learn the input interface of the incoming packets, use the pagp learn-method command. To return to the default settings, use the no form of this command. pagp learn-method {aggregation-port | physical-port} no pagp learn-method Syntax Description aggregation-port Specifies how to learn the address on the port channel. physical-port Specifies how to learn the address on the physical port within the bundle. Defaults aggregation-port method Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to set the learning method to learn the address on the physical port within the bundle: Router(config-if)# pagp learn-method physical-port Router(config-if)# This example shows how to set the learning method to learn the address on the port channel within the bundle: Router(config-if)# pagp learn-method Router(config-if)# Related Commands Command Description show pagp Displays port-channel information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-579 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA pagp port-priority pagp port-priority To select a port in hot standby mode, use the pagp port-priority command. To return to the default settings, use the no form of this command. pagp port-priority priority no pagp port-priority Syntax Description priority Defaults priority is 128. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Priority number; valid values are from 1 to 255. Usage Guidelines The higher the priority means the better the chances are that the port will be selected in the hot standby mode. Examples This example shows how to set the port priority: Router(config-if)# pagp port-priority 45 Router(config-if)# Related Commands Command Description pagp learn-method Learns the input interface of the incoming packets. show pagp Displays port-channel information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-580 OL-11437-01 2 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA platform ip features sequential platform ip features sequential To enable IP precedence-based or DSCP-based egress QoS filtering to use any IP precedence or DSCP policing or marking changes made by ingress PFC QoS, use the platform ip features sequential command. To return to the default settings, use the no form of this command. platform ip features sequential [access-group {ip-acl-name | ip-acl-number}] no platform ip features sequential [access-group {ip-acl-name | ip-acl-number}] Syntax Description access-group ip-acl-name (Optional) Specifies the name of the ACL that is used to specify the match criteria for the recirculation packets. access-group ip-acl-number (Optional) Specifies the number of the ACL that is used to specify the match criteria for the recirculation packets; valid values are from 1 to 199 and from 1300 to 2699. Defaults IP precedence-based or DSCP-based egress QoS filtering uses received IP precedence or DSCP values and does not use any IP precedence or DSCP changes made by ingress QoS as the result of policing or marking. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The enhanced egress-QoS filtering enables the IP precedence-based or DSCP-based egress-QoS filtering to use any IP precedence or DSCP policing or marking changes made by ingress QoS. The nonenhanced egress-QoS filtering behavior is the normal Catalyst 6500 series switch behavior when QoS is applied in the hardware. The PFC3 provides egress PFC QoS only for Layer 3-switched and routed traffic on egress Layer 3 interfaces (either LAN ports configured as Layer 3 interfaces or VLAN interfaces). You configure enhanced egress QoS filtering on ingress Layer 3 interfaces (either LAN ports configured as Layer 3 interfaces or VLAN interfaces). To enable enhanced egress QoS filtering only for the traffic filtered by a specific standard, extended named, or extended numbered IP ACL, enter the IP ACL name or number. If you do not enter an IP ACL name or number, enhanced egress QoS filtering is enabled for all IP ingress IP traffic on the interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-581 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA platform ip features sequential Note When you configure enhanced egress-QoS filtering, the PFC3A processes traffic to apply ingress PFC QoS. The PFC3A applies ingress-QoS filtering and Catalyst 6500 series switch hardware ingress QoS. The PFC3A incorrectly applies any egress-QoS filtering and Catalyst 6500 series switch hardware egress QoS that is configured on the ingress interface. Note If you configure enhanced egress-QoS filtering on an interface that uses Layer 2 features to match the IP precedence or DSCP as modified by ingress-QoS marking, the packets are redirected or dropped and prevented from being processed by egress QoS. Note If you enable enhanced egress-QoS filtering, the hardware acceleration of NetFlow-based features such as reflexive ACL, NAT, and TCP intercept are disabled. To verify configuration, use the show running-config interface command. Examples This example shows how to enable enhanced egress-QoS filtering: Router(config-if)# platform ip features sequential Router(config-if)# This example shows how to disable enhanced egress-QoS filtering: Router(config-if)# no platform ip features sequential Router(config-if)# Related Commands Command Description show running-config interface Displays the contents of the currently running configuration file. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-582 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA platform ipv6 acl icmp optimize neighbor-discovery platform ipv6 acl icmp optimize neighbor-discovery To optimize TCAM support for IPv6 ACLs, use the platform ipv6 acl icmp optimize neighbor-discovery command. To disable optimization of TCAM support for IPv6 ACLs, use the no form of this command. platform ipv6 acl icmp optimize neighbor-discovery no platform ipv6 acl icmp optimize neighbor-discovery Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Use this command under the direction of the Cisco TAC only. When you enable optimization of the TCAM support for IPv6 ACLs, the global ICMPv6 neighbor-discovery ACL at the top of the TCAM is programmed to permit all ICMPv6 neighbor-discovery packets. Enabling optimization prevents the addition of ICMPv6 ACEs at the end of every IPv6 security ACL, reducing the number of TCAM resources being used. Enabling this command reprograms IPv6 ACLs on all interfaces. Note The ICMPv6 neighbor-discovery ACL at the top of the TCAM takes precedence over security ACLs for ICMP neighbor-discovery packets that you have configured, but has no effect if you have a bridge/deny that overlaps with the global ICMP ACL. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-583 Chapter 2 platform ipv6 acl icmp optimize neighbor-discovery Examples Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA This example shows how to optimize TCAM support for IPv6 ACLs: Router(config)# platform ipv6 acl icmp optimize neighbor-discovery Router(config)# This example shows how to disable optimization of TCAM support for IPv6 ACLs: Router(config)# no platform ipv6 acl icmp optimize neighbor-discovery Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-584 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA platform scp retry interval platform scp retry interval To enable SCP fast retry and set the fast-retry interval, use the platform scp retry interval command. To disable SCP fast retry, use the no form of this command. platform scp retry interval timeout-value no platform scp retry interval Syntax Description timeout-value Defaults 2000 milliseconds Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Fast retry interval; valid values are from 200 to 2000 milliseconds. Usage Guidelines Note Examples Use this command under the direction of the Cisco TAC only. This example shows how to enable SCP fast retry and set the fast-retry interval: Router(config)# platform scp retry interval 600 Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-585 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA platform vfi dot1q-transparency platform vfi dot1q-transparency To enable 802.1Q transparency mode, use the platform vfi dot1q-transparency command. To disable 802.1Q transparency, use the no form of this command. platform vfi dot1q-transparency no platform vfi dot1q-transparency Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on OSM modules only. The 802.1Q transparency allows a service provider to modify the MPLS EXP bits for core-based QoS policies while leaving any VPLS customer 802.1p bits unchanged. The dot1q Transparency for EoMPLS feature causes the VLAN-applied policy to affect only the IGP label (for core QoS) and leaves the VC label EXP bits equal to the 802.1p bits. On the egress PE, the 802.1p bits are still rewritten based on the received VC EXP bits, however, because the EXP bits now match the ingress 802.1p bits, a VPLS customer's 802.1p bits do not change. Global configuration applies to all virtual forwarding instance (VFI) and switched virtual interface (SVI) EoMPLS VCs configured on the Cisco 7600 series routers. Interoperability requires applying the Dot1q Transparency for EoMPLS feature to all participating PE routers. Examples This example shows how to enable 802.1Q transparency: Router (config)# platform vfi dot1q-transparency Router (config)# This example shows how to disable 802.1Q transparency: Router (config)# no platform vfi dot1q-transparency Router (config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-586 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA police (policy map) police (policy map) To create a per-interface policer and configure the policy-map class to use it, use the police command. To delete the per-interface policer from the policy-map class, use the no form of this command. police {bits-per-second [normal-burst-bytes] [maximum-burst-bytes] [pir peak-rate-bps]} | [conform-action action] [exceed-action action] [violate-action action] no police {bits-per-second [normal-burst-bytes] [extended-burst-bytes] [pir peak-rate-bps]} | [conform-action action] [exceed-action action] [violate-action action] Syntax Description Defaults bits-per-second CIR bits per second; valid values are from 32000 to 2 Gbps bits per second. normal-burst-bytes (Optional) CIR token-bucket size; valid values are from 1000 to 512000000 bytes. maximum-burst-bytes (Optional) PIR token-bucket size; valid values are from 1000 to 32000000 bytes. pir peak-rate-bps (Optional) Sets the PIR peak rate; valid values are from 32000 to 2 Gbps bits per second. conform-action action (Optional) Specifies the action to be taken if the bits-per-second rate has not been exceeded; see the “Usage Guidelines” section for valid values. exceed-action action (Optional) Specifies the action to be taken when the bits-per-second rate has been exceeded; see the“Usage Guidelines” section for valid values. violate-action action (Optional) Specifies the action to be taken when the bits-per-second rate is greater than the maximum-burst-bytes rate; see the “Usage Guidelines” section for valid values. The defaults are as follows: • maximum-burst-bytes is equal to normal-burst-bytes. • conform-action is transmit. • exceed-action is drop. • violate-action is equal to the exceed-action. • pir peak-rate-bps is equal to the normal-burst-bytes rate. Command Modes Policy-map subcommand Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-587 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA police (policy map) Usage Guidelines On the Supervisor Engine 32 PISA, the police command is supported in software. Named aggregate policers and microflow policers are not supported on the Supervisor Engine 32 PISA. The normal-burst-bytes argument sets the CIR token bucket size. The maximum-burst-bytes argument sets the PIR token bucket size (not supported with the flow keyword). You must set the maximum-burst-bytes argument to be equal to the normal-burst-bytes setting. The pir peak-rate-bps corresponds to the extended-burst-bytes. The valid values for action are as follows: • drop—Drops packets that do not exceed the bits-per-second rate. • policed-dscp-transmit—Causes all the out-of-profile traffic to be marked down as specified in the markdown map. • set-dscp-transmit {dscp-value | dscp-bit-pattern | default | ef}—Marks the matched traffic with a new DSCP value where the valid values are as follows: – dscp-value—Specifies a DSCP value; valid values are from 0 to 63. – dscp-bit-pattern—Specifies a DSCP bit pattern; valid values are listed in Table 2-28. – default—Matches packets with default dscp (000000). – ef—Matches packets with EF dscp (101110). Table 2-28 Valid dscp-bit-pattern Values Keyword Definition af11 Matches packets with AF11 dscp (001010). af12 Matches packets withAF12 dscp (001100). af13 Matches packets with AF13 dscp (001110). af21 Matches packets with AF21 dscp (010010). af22 Matches packets with AF22 dscp (010100). af23 Matches packets with AF23 dscp (010110). af31 Matches packets with AF31 dscp (011010). af32 Matches packets with AF32 dscp (011100). af33 Matches packets with AF33 dscp (011110). af41 Matches packets with AF41 dscp (100010). af42 Matches packets with AF42 dscp (100100). af43 Matches packets with AF43 dscp (100110). cs1 Matches packets with CS1 (precedence 1) dscp (001000). cs2 Matches packets with CS2 (precedence 2) dscp (010000). cs3 Matches packets with CS3 (precedence 3) dscp (011000). cs4 Matches packets with CS4 (precedence 4) dscp (100000). cs5 Matches packets with CS5 (precedence 5) dscp (101000). cs6 Matches packets with CS6 (precedence 6) dscp (110000). cs7 Matches packets with CS7 (precedence 7) dscp (111000). Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-588 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA police (policy map) Examples • set-mpls-exp-imposition-transmit new-mpls-exp—Rewrites the MPLS experimental bits on imposed label entries and transmits. The new-mpls-exp argument specifies the value used to set the MPLS EXP bits that are defined by the policy map; valid values for new-mpls-exp are from 0 to 7. • set-mpls-exp-topmost-transmit—Rewrites the MPLS experimental bits on the topmost label entries and transmits. The new-mpls-exp argument specifies the value used to set the MPLS EXP bits that are defined by the policy map; valid values for new-mpls-exp are from 0 to 7. • set-prec-transmit new-precedence—Marks the matched traffic with a new IP-precedence value and transmits; valid values for new-precedence are from 0 to 7. • transmit—Transmits the packets that do not exceed the bits-per-second rate. This example shows how to create a policy map named max-pol-ipp5 that uses the class map named ipp5, which is configured to trust received IP-precedence values and is configured with a maximum-capacity aggregate policer: Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# policy-map max-pol-ipp5 Router(config-pmap)# class ipp5 Router(config-pmap-c)# trust ip-precedence Router(config-pmap-c)# police 2000000000 2000000 conform-action set-prec-transmit 6 exceed-action policed-dscp-transmit Router(config-pmap-c)# Related Commands Command Description class-map Accesses the QoS class map configuration mode to configure QoS class maps. service-policy Attaches a policy map to an interface. show class-map Displays class-map information. show policy-map Displays information about the policy map. show policy-map interface Displays the statistics and the configurations of the input and output policies that are attached to an interface. 2\ Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-589 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA police rate police rate To configure traffic policing for traffic that is destined for the control plane, use the police rate command. To remove traffic policing from the configuration, use the no form of this command. police rate units pps [burst burst-in-packets packets] [peak-rate peak-rate-in-pps pps] [peak-burst peak-burst-in-packets packets] police rate units bps [burst burst-in-bytes bytes] [peak-rate peak-rate-in-bps bps] [peak-burst peak-burst-in-bytes bytes] police rate percent percentage [burst ms ms] [peak-rate percent percentage] [peak-burst ms ms] no police rate units pps [burst burst-in-packets packets] [peak-rate peak-rate-in-pps pps] [peak-burst peak-burst-in-packets packets] no police rate units bps [burst burst-in-bytes bytes] [peak-rate peak-rate-in-bps bps] [peak-burst peak-burst-in-bytes bytes] no police rate percent percentage [burst ms ms] [peak-rate percent percentage] [peak-burst ms ms] Syntax Description units Police rate; see the “Usage Guidelines” section for valid values. pps Specifies that the rate at which traffic is policed is in packets per second. burst burst-in-packets packets (Optional) Specifies the burst rate that is used for policing traffic; valid values are from 1 to 512000 packets. peak-rate peak-rate-in-pps pps (Optional) Specifies the PIR that is used for policing traffic; valid values are from from 1 to 512000 packets. peak-burst peak-burst-in-packets packets (Optional) Specifies the peak-burst value that is used for policing traffic; valid values are from 1 to 512000 packets. bps Specifies that the rate at which traffic is policed is in bits per second. burst burst-in-bytes bytes (Optional) Specifies the burst rate that is used for policing traffic; valid values are from 1000 to 512000000 bits. peak-rate peak-rate-in-bps bps (Optional) Specifies the peak burst value that is used for the peak rate; valid values are from 1000 to 512000000 bits. peak-burst peak-burst-in-bytes bytes (Optional) Specifies the peak burst value that is used for policing traffic; valid values are from 1000 to 512000000 bits. percent percentage (Optional) Specifies the percentage of interface bandwidth that is used to determine the rate at which traffic is policed; valid values are from 1 to 100. burst ms ms (Optional) Specifies the burst rate that is used for policing traffic; valid values are from 1 to 2000 milliseconds. peak-rate percent percentage (Optional) Specifies the percentage of the interface bandwidth that is used to determine the PIR; valid values are from 1 to 100. peak-burst ms ms (Optional) Specifies the peak burst rate that is used for policing traffic; valid values are from 1 to 2000 milliseconds. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-590 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA police rate Defaults Disabled Command Modes Policy-map class configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The valid values for units are as follows: • If the police rate is specified in pps, the valid values are from 1 to 2000000 pps. • If the police rate is specified in bps, the valid values are from 8,000 to 10,000,000,000 bps. pps is used to calculate the PIR peak-rate-in-pps. Use the police rate command to limit traffic that is destined for the control plane on the basis of packets per second (pps), bytes per seconds (bps), or a percentage of interface bandwidth. If the police rate command is entered, but the rate is not specified, traffic that is destined for the control plane will be policed on the basis of bps. Examples This example shows how to configure policing on a class to limit traffic to an average rate of 1500000 pps: Router(config)# class-map telnet-class Router(config-cmap)# match access-group 140 Router(config-cmap)# exit Router(config)# policy-map control-plane-policy Router(config-pmap)# class telnet-class Router(config-pmap-c)# police rate 1500000 pps bc 500000 packets Router(config-pmap-c)# exit Related Commands Command Description policy-map Accesses QoS policy-map configuration mode to configure the QoS policy map. show policy-map Displays information about the policy map. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-591 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA policy-map policy-map To access QoS policy-map configuration mode to configure the QoS policy map, use the policy-map command. To delete a policy map, use the no form of this command. policy-map policy-map-name no policy-map policy-map-name Syntax Description policy-map-name Defaults The defaults are as follows: Policy map name. See the “Usage Guidelines” section for descriptions of the policy-map subcommands. • extended-burst-bytes is equal to burst-bytes. • conform-action is transmit. • exceed-action is drop. • violate-action is equal to the exceed-action. • pir peak-rate-bps is equal to the normal (cir) rate. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines In QoS policy-map configuration mode, these configuration commands are available: • exit exits QoS class-map configuration mode. • no removes a previously defined policy map. • class class-map [name] accesses QoS class-map configuration mode to specify a previously created class map to be included in the policy map or to create a class map (see the class-map command for additional information). • class {class-name | class-default} accesses the class configuration mode to specify the name of the class whose policy you want to create or change (see the class (policy-map) command for additional information). • police [aggregate name] subcommand defines a microflow or aggregate policer (see the police (policy map) command for additional information) and provides the following syntaxes: – police {aggregate name} – police flow {bits-per-second [normal-burst-bytes] [maximum-burst-bytes] [pir peak-rate-bps]} | [conform-action action] [exceed-action action] [violate-action action] Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-592 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA policy-map – police flow mask {dest-only | full-flow | src-only} {bits-per-second [normal-burst-bytes] [maximum-burst-bytes]} [conform-action action] [exceed-action action] • trust {cos | dscp | ip-precedence} sets the specified class trust values. Trust values that are set in this command supersede trust values that are set on specific interfaces. Table 2-29 describes the class syntax. Table 2-29 class Syntax Description Subcommand Description exit (Optional) Exits from QoS class action configuration mode. police (Optional) Specifies flow policing; see the police (policy map) command for additional information. trust state (Optional) Configures the policy map class trust state. Trust states are cos, dscp, and ip-precedence. cos (Optional) Sets the internal DSCP value from a received or interface CoS. dscp (Optional) Sets QoS to use the received DSCP value. ip-precedence (Optional) Sets the DSCP value from the received IP precedence. If you do not specify an exceed-action in the policy-map, it defaults to drop and the violate-action follows. The PFC QoS does not support the bandwidth, priority, queue-limit, random-detect, or set keywords in policy-map classes. Examples This example shows how to create a policy map named max-pol-ipp5 that uses a previously configured class map named ipp5, how to configure trust-received IP-precedence values, and how to configure a maximum-capacity aggregate policer and a microflow policer: Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# policy-map max-pol-ipp5 Router(config-pmap)# class ipp5 Router(config-pmap-c)# trust ip-precedence Router(config-pmap-c)# police 2000000000 2000000 8000000 conform-action set-prec-transmit 6 exceed-action policed-dscp-transmit Router(config-pmap-c)# police flow 10000000 10000 conform-action set-prec-transmit 6 exceed-action policed-dscp-transmit Router(config-pmap-c)# end Router# Related Commands Command Description class-map Accesses the QoS class map configuration mode to configure QoS class maps. class (policy-map) Specifies the name of the class that has a policy that you want to create or change or specifies the default class (commonly known as the class-default class) before you configure its policy. service-policy Attaches a policy map to an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-593 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA policy-map Command Description show class-map Displays class-map information. show policy-map Displays information about the policy map. show policy-map interface Displays the statistics and the configurations of the input and output policies that are attached to an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-594 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA port access-map port access-map To create a port access map or enter port access-map command mode, use the port access-map command. To remove a mapping sequence or the entire map, use the no form of this command. port access-map name [seq#] no port access-map name [seq#] Syntax Description name Port access-map tag. seq# (Optional) Map sequence number; valid values are 0 to 65535. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you enter the sequence number of an existing map sequence, you enter port access-map mode. If you do not specify a sequence number, a number is automatically assigned. You can enter one match clause and one action clause per map sequence. If you enter the no port access-map name [seq#] command without entering a sequence number, the whole map is removed. Once you enter port access-map mode, the following commands are available: Examples • action—Specifies the packet action clause; see the action command section. • default—Sets a command to its defaults. • end—Exits from configuration mode. • exit—Exits from the port access-map configuration mode. • match—Specifies the match clause; see the match command section. • no—Negates a command or sets its defaults. This example shows how to enter port access-map mode: Router(config)# port access-map ted Router(config-port-map)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-595 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA port access-map Related Commands Command Description action Sets the packet action clause. match Specifies the match clause by selecting one or more ACLs for a VLAN access-map sequence. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-596 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA port-channel load-balance port-channel load-balance To set the load-distribution method among the ports in the bundle, use the port-channel load-balance command. To return to the default settings, use the no form of this command. port-channel load-balance method no port-channel load-balance Syntax Description method Defaults method is src-dst-ip. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Load-distribution method; see the “Usage Guidelines” section for a list of valid values. Valid method values are as follows: • dst-ip—Loads distribution on the destination IP address • dst-mac—Loads distribution on the destination MAC address • dst-port—Loads distribution on the destination port • src-dst-ip—Loads distribution on the source XOR-destination IP address • src-dst-mac—Loads distribution on the source XOR-destination MAC address • src-dst-port—Loads distribution on the source XOR-destination port • src-ip—Loads distribution on the source IP address • src-mac—Loads distribution on the source MAC address • src-port—Loads distribution on the source port The port-channel per-module load-balance command allows you to enable or disable port-channel load-balancing on a per-module basis. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-597 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA port-channel load-balance This example shows how to set the load-distribution method to dst-ip: Router(config)# port-channel load-balance dst-ip Router(config)# This example shows how to set the load-distribution method on a specific module: Router(config)# port-channel load-balance dst-ip module 2 Router(config)# Related Commands Command Description interface port-channel Creates a port-channel virtual interface and enters interface configuration mode. port-channel per-module load-balance Enables load-distribution on a per-module basis. show etherchannel Displays the EtherChannel information for a channel. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-598 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA port-channel load-balance mpls port-channel load-balance mpls To set the load-distribution method among the ports in the bundle for MPLS packets, use the port-channel load-balance mpls command. To return to the default settings, use the no form of this command. port-channel load-balance mpls {label | label-ip} no port-channel load-balance mpls Syntax Description label Specifies using the MPLS label to distribute packets; see the “Usage Guidelines” section for additional information. label-ip Specifies using the MPLS label or the IP address to distribute packets; see the “Usage Guidelines” section for additional information. Defaults label-ip Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you select label, these guidelines apply: • With only one MPLS label, the last MPLS label is used. • With two or more MPLS labels, the last two labels (up to the fifth label) are used. If you select label-ip, these guidelines apply: • With IPv4 and three or fewer labels, the source IP address XOR-destination IP address is used to distribute packets. • With four or more labels, the last two labels (up to the fifth label) are used. • With non-IPv4 packets, the distribution method is the same as the label method. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-599 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA port-channel load-balance mpls Examples This example shows how to set the load-distribution method to label-ip: Router(config)# port-channel load-balance mpls label-ip Router(config)# Related Commands Command Description interface port-channel Creates a port-channel virtual interface and enters interface configuration mode. show etherchannel Displays the EtherChannel information for a channel. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-600 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA port-channel min-links port-channel min-links To specify that a minimum number of bundled ports in an EtherChannel is required before the channel can be active, use the port-channel min-links command. To return to the default settings, use the no form of this command. port-channel min-links min-num no port-channel min-links Syntax Description min-num Defaults min-num is 1. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Minimum number of bundled ports in a channel that is required before the channel can be active; valid values are from 2 to 8. This command is supported on LACP (802.3ad) ports only. More than one LACP secondary port channel can belong to the same channel group. This command is applied to all port channels in the same group. If fewer links than the specified number are available, the port-channel interface does not become active. Use the show running-config command to verify the configuration. Examples This example shows how to specify that a minimum number of bundled ports in an EtherChannel is required before the channel can be active: Router(config-if)# port-channel min-links 3 Router(config-if)# Related Commands Command Description show running-config Displays the status and configuration of the module or Layer 2 VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-601 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA port-channel per-module load-balance port-channel per-module load-balance To enable load-distribution on a per-module basis, use the port-channel per-module load-balance command. To return to the default settings, use the no form of this command. port-channel per-module load-balance no port-channel per-module load-balance Syntax Description This command has no arguments or keywords. Defaults Disabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The port-channel load-balance method module slot command is supported on DFC systems only. The port-channel per-module load-balance command allows you to enable or disable port-channel load-balancing on a per-module basis. You can enter the port-channel load-balance method module slot command to specify the load-balancing method on a specific module after you have entered the port-channel per-module load-balance command. Examples This example shows how to enable load balancing on a per-module basis: Router(config)# port-channel per-module load-balance Router(config)# Related Commands Command Description interface port-channel Creates a port-channel virtual interface and enters interface configuration mode. port-channel load-balance module Enables load-distribution on a specific module. show etherchannel Displays the EtherChannel information for a channel. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-602 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA power enable power enable To turn on power for the modules, use the power enable command. To power down a module, use the no form of this command. power enable {module slot} no power enable {module slot} Syntax Description module slot Defaults Enabled Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Specifies a module slot number; see the “Usage Guidelines” section for valid values. When you enter the no power enable module slot command to power down a module, the module’s configuration is not saved. When you enter the no power enable module slot command to power down an empty slot, the configuration is saved. The slot argument designates the module number. Valid values for slot depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 1 to 13. Examples This example shows how to turn on the power for a module that was previously powered down: Router(config)# power enable module 5 Router(config)# This example shows how to power down a module: Router(config)# no power enable module 5 Router(config)# Related Commands Command Description show power Displays information about the power status. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-603 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA power inline power inline To configure the administrative mode of the inline power on an interface, use the power inline command. power inline {auto [max max-milli-watts]} | never | {static [max max-milli-watts]} Syntax Description Defaults auto Turns on the device discovery protocol and applies power to the device, if found. max max-milli-watts (Optional) Specifies the maximum amount of power that a device connected to a port can consume; valid values are from 4000 to 15400 milliwatts. never Turns off the device discovery protocol and stops supplying power to the device. static Allocates power from the system power pool to a port. The defaults are as follows: • auto. • max-milli-watts is 15400 milliwatts. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to set the inline power to the off mode on an interface: Router(config-if)# interface fastethernet5/1 Router(config-if)# switchport Router(config-if)# power inline never This example shows how to allocate power from the system power pool to a port: Router(config-if)# interface fastethernet5/1 Router(config-if)# switchport Router(config-if)# power inline static max 15000 Related Commands Command Description show power Displays information about the power status. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-604 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA power redundancy-mode power redundancy-mode To set the power-supply redundancy mode, use the power redundancy-mode command. power redundancy-mode {combined | redundant} Syntax Description combined Specifies no redundancy (combine power-supply outputs). redundant Specifies redundancy (either power supply can operate the system). Defaults redundant Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to set the power supplies to the no-redundancy mode: Router(config)# power redundancy-mode combined Router(config)# This example shows how to set the power supplies to the redundancy mode: Router(config)# power redundancy-mode redundant Router(config)# Related Commands Command Description show power Displays information about the power status. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-605 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA priority-queue cos-map priority-queue cos-map To map CoS values to the receive and transmit strict-priority queues, use the priority-queue cos-map command. To return to the default mapping, use the no form of this command. priority-queue cos-map queue-id cos1 [cos2 [cos3 [cos4 [cos5 [cos6 [cos7 [cos8]]]]]]] Syntax Description Defaults queue-id Queue number; the valid value is 1. cos1 CoS value; valid values are from 0 to 7. . . . cos8 (Optional) CoS values; valid values are from 0 to 7. The default mapping is queue 1 is mapped to CoS 5 for the following receive and transmit strict-priority queues: • 1p1q4t receive queues • 1p1q0t receive queues • 1p1q8t receive queues • 1p2q2t transmit queues • 1p3q8t transmit queues • 1p7q8t transmit queues • 1p3q1t transmit queues • 1p2q1t transmit queues Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When mapping CoS values to the strict-priority queues, note the following information: • The queue number is always 1. • You can enter up to 8 CoS values to map to the queue. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-606 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA priority-queue cos-map Examples This example shows how to map CoS value 7 to the strict-priority queues on Gigabit Ethernet port 1/1: Router(config-if)# priority-queue cos-map 1 7 Router(config-if)# Related Commands Command Description show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-607 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA priority-queue queue-limit priority-queue queue-limit To se the priority-queue size on an interface, use the priority-queue queue-limit command. priority-queue queue-limit weight Syntax Description weight Defaults The default settings are as follows: Priority-queue size weight; valid values are from 1 and 100 percent. • Global QoS is enabled—15 • Global QoS is disabled—0 Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines See the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY for a list of modules that support this command. Examples This example shows how to allocate available buffer space to a priority queue: Router(config-if)# priority-queue queue-limit 15 Router(config-if)# Related Commands Command Description show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-608 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA private-vlan private-vlan To configure PVLANs and the association between a PVLAN and a secondary VLAN, use the private-vlan command. To return to the default settings, use the no form of this command. private-vlan {isolated | community | primary} private-vlan association secondary-vlan-list | {add secondary-vlan-list} | {remove secondary-vlan-list} no private-vlan {isolated | community | primary} no private-vlan association Syntax Description isolated Designates the VLAN as an isolated PVLAN. community Designates the VLAN as a community PVLAN. primary Designates the VLAN as the primary PVLAN. association Creates an association between a secondary VLAN and a primary VLAN. secondary-vlan-list Number of the secondary VLAN. add Associates a secondary VLAN to a primary VLAN. remove Clears the association between a secondary VLAN and a primary VLAN. Defaults No PVLANs are configured. Command Modes config-VLAN submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You cannot configure PVLANs on a port-security port. If you enter a pvlan command on a port-security port, this error message is displayed: Command rejected: Gix/y is Port Security enabled port. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-609 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA private-vlan Within groups of 12 ports (1–12, 13–24, 25–36, and 37–48), do not configure the ports as isolated or as community VLAN ports when one of the ports is a trunk, a SPAN destination, or a promiscuous private VLAN port. If one port is a trunk, a SPAN destination, or a promiscuous private VLAN port, any isolated or community VLAN configuration for the other ports within the 12 ports is inactive. To reactivate the ports, remove the isolated or community VLAN-port configuration and enter the shutdown and no shutdown commands. Caution If you enter the shutdown command and then the no shutdown command in the config-vlan mode on a PVLAN (primary or secondary), the PVLAN type and association information is deleted. You will have to reconfigure the VLAN to be a PVLAN. Note This restriction applies to Ethernet 10-Mb, 10/100-Mb, and 100-Mb modules except WS-X6548-RJ-45 and WS-X6548-RJ-21. You cannot configure VLAN 1 or VLANs 1001 to 1005 as PVLANs. VTP does not support PVLANs. You must configure PVLANs on each device where you want PVLAN ports. The secondary-vlan-list argument cannot contain spaces. It can contain multiple comma-separated items. Each item can be a single PVLAN ID or a hyphenated range of PVLAN IDs. The secondary-vlan-list parameter can contain multiple community VLAN IDs. The secondary-vlan-list argument can contain only one isolated VLAN ID. A PVLAN is a set of private ports that are characterized by using a common set of VLAN number pairs. Each pair is made up of at least two special unidirectional VLANs and is used by isolated ports and/or by a community of ports to communicate with routers. An isolated VLAN is a VLAN that is used by isolated ports to communicate with promiscuous ports. An isolated VLAN’s traffic is blocked on all other private ports in the same VLAN. Its traffic can only be received by standard trunking ports and promiscuous ports that are assigned to the corresponding primary VLAN. A promiscuous port is defined as a private port that is assigned to a primary VLAN. A primary VLAN is defined as the VLAN that is used to convey the traffic from the routers to customer end stations on private ports. A community VLAN is defined as the VLAN that carries the traffic among community ports and from community ports to the promiscuous ports on the corresponding primary VLAN. You can specify only one isolated vlan-id, while multiple community VLANs are allowed. Isolated and community VLANs can only be associated with one VLAN. The associated VLAN list may not contain primary VLANs. Similarly, you cannot configure a VLAN that is already associated to a primary VLAN as a primary VLAN. The private-vlan commands do not take effect until you exit the config-VLAN submode. If you delete either the primary or secondary VLAN, the ports that are associated with the VLAN become inactive. Refer to the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY for additional configuration guidelines. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-610 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA private-vlan Examples This example shows how to create a PVLAN relationship between the primary VLAN 14, the isolated VLAN 19, and the community VLANs 20 and 21: Router(config) # vlan Router(config-vlan) # Router(config) # vlan Router(config-vlan) # Router(config-vlan) # Router(config) # vlan Router(config-vlan) # Router(config-vlan) # 19 private-vlan 20 private-vlan private-vlan 14 private-vlan private-vlan isolated community community primary association 19-21 This example shows how to remove an isolated VLAN and community VLAN 20 from the PVLAN association: Router(config) # vlan 14 Router(config-vlan) # private-vlan association remove 18,20 Router(config-vlan) # This example shows how to remove a PVLAN relationship and delete the primary VLAN. The associated secondary VLANs are not deleted. Router(config-vlan) # no private-vlan 14 Router(config-vlan) # Related Commands Command Description show vlan Displays VLAN information. show vlan private-vlan Displays PVLAN information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-611 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA private-vlan mapping private-vlan mapping To create a mapping between the primary and the secondary VLANs so that both VLANs share the same primary VLAN SVI, use the private-vlan mapping command. To remove all PVLAN mappings from the SVI, use the no form of this command. private-vlan mapping {[secondary-vlan-list | {add secondary-vlan-list} | {remove secondary-vlan-list}]} no private-vlan mapping Syntax Description secondary-vlan-list (Optional) VLAN ID of the secondary VLANs to map to the primary VLAN. add (Optional) Maps the secondary VLAN to the primary VLAN. remove (Optional) Removes the mapping between the secondary VLAN and the primary VLAN. Defaults No PVLAN SVI mapping is configured. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The private-vlan mapping command affects traffic that is switched in the software on the PISA. The secondary-vlan-list argument cannot contain spaces; it can contain multiple comma-separated items. Each item can be a single PVLAN ID or a hyphenated range of PVLAN IDs. This command is valid in the interface configuration mode of the primary VLAN. The SVI of the primary VLAN is created at Layer 3. Traffic that is received on the secondary VLAN is routed by the SVI of the primary VLAN. The SVIs of existing secondary VLANs do not function and are considered as down after you enter this command. A secondary SVI can only be mapped to one primary SVI. If you configure the primary VLAN as a secondary VLAN, all the SVIs that are specified in this command are brought down. If you configure a mapping between two VLANs that do not have a valid Layer 2 association, the mapping configuration does not take effect. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-612 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA private-vlan mapping Examples This example shows how to map the interface of VLAN 20 to the SVI of VLAN 18: Router(config)# interface vlan 18 Router(config-if)# private-vlan mapping 18 20 Router(config-if)# This example shows how to permit routing of secondary VLAN-ingress traffic from PVLANs 303 through 307, 309, and 440 and verify the configuration: Router# configure terminal Router(config)# interface vlan 202 Router(config-if)# private-vlan mapping add 303-307,309,440 Router(config-if)# end Router# show interfaces private-vlan mapping Interface Secondary VLAN Type --------- -------------- ----------------vlan202 303 community vlan202 304 community vlan202 305 community vlan202 306 community vlan202 307 community vlan202 309 community vlan202 440 isolated Router# This example shows the displayed error message if the VLAN that you are adding is already mapped to the SVI of VLAN 18. You must delete the mapping from the SVI of VLAN 18 first. Router(config)# interface vlan 19 Router(config-if)# private-vlan mapping 19 add 21 Command rejected: The interface for VLAN 21 is already mapped as s secondary. Router(config-if)# This example shows how to remove all PVLAN mappings from the SVI of VLAN 19: Router(config)# interface vlan 19 Router(config-if)# no private-vlan mapping Router(config-if)# Related Commands Command Description show interfaces private-vlan mapping Displays the information about the PVLAN mapping for VLAN SVIs. show vlan Displays VLAN information. show vlan private-vlan Displays PVLAN information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-613 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA private-vlan synchronize private-vlan synchronize To map the secondary VLANs to the same instance as the primary VLAN, use the private-vlan synchronize command. private-vlan synchronize Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes MST configuration submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not map VLANs to the same instance as the associated primary VLAN when you exit the MST configuration submode, a warning message displays and lists the secondary VLANs that are not mapped to the same instance as the associated primary VLAN. The private-vlan synchronize command automatically maps all secondary VLANs to the same instance as the associated primary VLANs. Examples This example assumes that a primary VLAN 2 and a secondary VLAN 3 are associated to VLAN 2, and that all VLANs are mapped to the CIST instance 1. This example also shows the output if you try to change the mapping for the primary VLAN 2 only: Router(config)# spanning-tree mst configuration Router(config-mst)# instance 1 vlan 2 Router(config-mst)# exit These secondary vlans are not mapped to the same instance as their primary: -> 3 This example shows how to initialize PVLAN synchronization: Router(config-mst)# private-vlan synchronize Router(config-mst)# Related Commands Command Description show Verifies the MST configuration. show spanning-tree mst Displays information about the MST protocol. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-614 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA process-min-time percent process-min-time percent To specify the minimum percentage of CPU process time OSPF takes before trying to release the CPU for other processes, use the process-min-time percent command. To return to the default settings, use the no form of this command. process-min-time percent percent no process-min-time Syntax Description percent Defaults percent is 25. Command Modes Router configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Percentage of CPU process time to be used before trying to release the CPU for other processes; valid values are from 1 to 100. Usage Guidelines Note Use this command under the direction of Cisco TAC only. This command is supported by OSPFv2 and OSPFv3. Use the process-min-time command to configure the minimum percentage of the process maximum time. Once the percentage has been exceeded, CPU control may be given to a higher priority process. The process maximum time is set using the process-max-time command. Use the process-min-time command with the process-max-time command. Examples This example shows how to set the percentage of CPU process time to be used before releasing the CPU: Router> configure terminal Router(configure)# router ospf Router(config-router)# process-min-time percent 35 Router(config-router)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-615 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA process-min-time percent This example shows how to return to the default setting: Router> configure terminal Router(configure)# router rip Router(config-router)# no process-min-time Router(config-router)# Related Commands Command Description process-max-time Configures the amount of time after which a process should voluntarily yield to another process. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-616 OL-11437-01 2 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rcv-queue bandwidth rcv-queue bandwidth To define the bandwidths for ingress (receive) WRR queues through scheduling weights, use the rcv-queue bandwidth command. To return to the default settings, use the no form of this command. rcv-queue bandwidth weight-1 ... weight-n no rcv-queue bandwidth Syntax Description weight-1 ... weight-n Defaults The defaults are as follows: WRR weights; valid values are from 0 to 255. • QoS enabled—4:255 • QoS disabled—255:1 Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is not supported on Catalyst 6500 series switches that are configured with a Supervisor Engine 2. This command is supported on 2q8t and 8q8t ports only. You can configure up to seven queue weights. Examples This example shows how to allocate a three-to-one bandwidth ratio: Router(config-if)# rcv-queue bandwidth 3 1 Router(config-if)# Related Commands Command Description rcv-queue queue-limit Sets the size ratio between the strict-priority and standard receive queues. show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-617 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rcv-queue cos-map rcv-queue cos-map To map the CoS values to the standard receive-queue drop thresholds, use the rcv-queue cos-map command. To remove the mapping, use the no form of this command. rcv-queue cos-map queue-id threshold-id cos-1 ... cos-n no rcv-queue cos-map queue-id threshold-id Syntax Description queue-id Queue ID; the valid value is 1. threshold-id Threshold ID; valid values are from 1 to 4. cos-1 ... cos-n CoS values; valid values are from 0 to 7. Defaults The defaults are listed in Table 2-30. Table 2-30 CoS-to-Standard Receive Queue Map Defaults queue threshold cos-map With QoS Disabled queue cos-map With QoS Enabled 1 1 0,1, 2,3,4,5,6,7 1 1 0,1 1 2 1 2 2,3 1 3 1 3 4 1 4 1 4 6,7 2 1 2 1 5 5 Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines threshold The cos-n value is defined by the module and port type. When you enter the cos-n value, note that the higher values indicate higher priorities. Use this command on trusted ports only. For additional information on configuring receive-queue thresholds, see the QoS chapter in the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-618 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rcv-queue cos-map Examples This example shows how to map the CoS values 0 and 1 to threshold 1 in the standard receive queue: Router (config-if)# rcv-queue cos-map 1 1 0 1 cos-map configured on: Gi1/1 Gi1/2 Router(config-if)# Related Commands Command Description show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-619 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rcv-queue queue-limit rcv-queue queue-limit To set the size ratio between the strict-priority and standard receive queues, use the rcv-queue queue-limit command. To return to the default settings, use the no form of this command. rcv-queue queue-limit {q-limit-1} {q-limit-2} no rcv-queue queue-limit Syntax Description Defaults q-limit-1 Standard queue weight; valid values are from 1 and 100 percent. q-limit-2 Strict-priority queue weight; see the “Usage Guidelines” section for valid values. The defaults are as follows: • 80 percent is for low priority. • 20 percent is for strict priority. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Valid strict-priority weight values are from 1 to 100 percent, except on 1p1q8t ingress LAN ports, where valid values for the strict-priority queue are from 3 to 100 percent. The rcv-queue queue-limit command configures ports on a per-ASIC basis. Estimate the mix of strict-priority-to-standard traffic on your network (for example, 80-percent standard traffic and 20-percent strict-priority traffic) and use the estimated percentages as queue weights. Examples This example shows how to set the receive-queue size ratio for Gigabit Ethernet interface 1/2: Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# interface gigabitethernet 1/2 Router(config-if)# rcv-queue queue-limit 75 15 Router(config-if)# end Router# Related Commands Command Description show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-620 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rcv-queue random-detect rcv-queue random-detect To specify the minimum and maximum threshold for the specified receive queues, use the rcv-queue random-detect command. To return to the default settings, use the no form of this command. rcv-queue random-detect {max-threshold | min-threshold} queue-id threshold-percent-1 ... threshold-percent-n no rcv-queue random-detect {max-threshold | min-threshold} queue-id Syntax Description Defaults max-threshold Specifies the maximum threshold. min-threshold Specifies the minimum threshold. queue-id Queue ID; the valid value is 1. threshold-percent-1 threshold-percent-n Threshold weights; valid values are from 1 to 100 percent. The defaults are as follows: • min-threshold—80 percent • max-threshold—20 percent Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on 1p1q8t and 8q8t ports only. The 1p1q8t interface indicates one strict queue and one standard queue with eight thresholds. The 8q8t interface indicates eight standard queues with eight thresholds. The threshold in the strict-priority queue is not configurable. Each threshold has a low- and a high-threshold value. The threshold values are a percentage of the receive-queue capacity. For additional information on configuring receive-queue thresholds, refer to the QoS chapter in the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-621 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rcv-queue random-detect Examples This example shows how to configure the low-priority receive-queue thresholds: Router (config-if)# rcv-queue random-detect max-threshold 1 60 100 Router (config-if)# Related Commands Command Description show queueing interface Displays queueing information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-622 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rcv-queue threshold rcv-queue threshold To configure the drop-threshold percentages for the standard receive queues on 1p1q4t and 1p1q0t interfaces, use the rcv-queue threshold command. To return the thresholds to the default settings, use the no form of this command. rcv-queue threshold queue-id threshold-percent-1 ... threshold-percent-n no rcv-queue threshold Syntax Description Defaults queue-id Queue ID; the valid value is 1. threshold- percent-1 ... threshold- percent-n Threshold ID; valid values are from 1 to 100 percent. The defaults for the 1p1q4t and 1p1q0t configurations are as follows: • QoS assigns all traffic with CoS 5 to the strict-priority queue. • QoS assigns all other traffic to the standard queue. The default for the 1q4t configuration is that QoS assigns all traffic to the standard queue. If you enable QoS, the following default thresholds apply: • 1p1q4t interfaces have this default drop-threshold configuration: – Frames with CoS 0, 1, 2, 3, 4, 6, or 7 go to the standard receive queue. – Using standard receive-queue drop threshold 1, the Catalyst 6500 series switch drops incoming frames with CoS 0 or 1 when the receive-queue buffer is 50 percent or more full. – Using standard receive-queue drop threshold 2, the Catalyst 6500 series switch drops incoming frames with CoS 2 or 3 when the receive-queue buffer is 60 percent or more full. – Using standard receive-queue drop threshold 3, the Catalyst 6500 series switch drops incoming frames with CoS 4 when the receive-queue buffer is 80 percent or more full. – Using standard receive-queue drop threshold 4, the Catalyst 6500 series switch drops incoming frames with CoS 6 or 7 when the receive-queue buffer is 100 percent full. – Frames with CoS 5 go to the strict-priority receive queue (queue 2), where the Catalyst 6500 series switch drops incoming frames only when the strict-priority receive-queue buffer is 100 percent full. • 1p1q0t interfaces have this default drop-threshold configuration: – Frames with CoS 0, 1, 2, 3, 4, 6, or 7 go to the standard receive queue. The Catalyst 6500 series switch drops incoming frames when the receive-queue buffer is 100 percent full. – Frames with CoS 5 go to the strict-priority receive queue (queue 2), where the Catalyst 6500 series switch drops incoming frames only when the strict-priority receive-queue buffer is 100 percent full. Note The 100-percent threshold may be actually changed by the module to 98 percent to allow BPDU traffic to proceed. The BPDU threshold is factory set at 100 percent. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-623 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rcv-queue threshold Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The queue-id value is always 1. A value of 10 indicates a threshold when the buffer is 10 percent full. Always set threshold 4 to 100 percent. Receive thresholds take effect only on ports whose trust state is trust cos. Configure the 1q4t receive-queue tail-drop threshold percentages with the wrr-queue threshold command. Examples This example shows how to configure the receive-queue drop thresholds for Gigabit Ethernet interface 1/1: Router(config-if)# rcv-queue threshold 1 60 75 85 100 Router(config-if)# Related Commands Command Description show queueing interface Displays queueing information. wrr-queue threshold Configures the drop-threshold percentages for the standard receive and transmit queues on 1q4t and 2q2t interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-624 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA reassign reassign To define the number of consecutive number of SYNs for a new connection that will go unanswered before the connection is attempted to a different real server, use the reassign command. To change the maximum number of connections to the default settings, use the no form of this command. reassign threshold no reassign Syntax Description threshold Defaults threshold is 3. Command Modes Real server configuration submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Number of unanswered TCP SYNs that will be directed to a real server before the connection is reassigned to a different real server; valid values are from 1 to 4. Usage Guidelines If you do not specify the threshold value, the default value of the reassignment threshold is used. Examples This example shows how to define the reassignment threshold: Router(config-if)# reassign 4 Router(config-if)# This example shows how to revert to the default value: Router(config-if)# no reassign Router(config-if)# Related Commands Command Description faildetect numconns Specifies the conditions that indicate a server failure. inservice (real server) Enables the real server for use by the Cisco IOS SLB feature. retry Defines the amount of time that must elapse before a connection is attempted to a failed server. maxconns (real server configuration submode) Limits the number of active connections to the real server. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-625 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA redundancy redundancy To enter redundancy configuration mode, use the redundancy command. From this mode, you can enter the main CPU submode to manually synchronize the configurations that are used by the two supervisor engines. redundancy Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Once you enter redundancy configuration mode, these options are available: • exit—Exits from redundancy configuration mode. • main-cpu—Enters the main CPU submode. • no—Negates a command or sets its defaults. From the main CPU submode, you can use the auto-sync command to use all of the redundancy commands that are applicable to the main CPU. To select the type of redundacy mode, use the mode command. NSF with SSO redundancy mode supports IPv4. NSF with SSO redundancy mode does not support IPv6, IPX, and MPLS. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-626 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA redundancy Examples This example shows how to enter redundancy mode: Router (config)# redundancy Router(config-r)# This example shows how to enter the main CPU submode: Router (config)# redundancy Router (config-r)# main-cpu Router (config-r-mc)# Related Commands Command Description auto-sync Enables automatic synchronization of the configuration files in NVRAM. mode Sets the redundancy mode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-627 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA redundancy force-switchover redundancy force-switchover To force a switchover from the active to the standby supervisor engine, use the redundancy force-switchover command. redundancy force-switchover Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Before using this command, see the “Performing a Fast Software Upgrade (FSU)” section of the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY for additional information. The redundancy force-switchover command conducts a manual switchover to the redundant supervisor engine. The redundant supervisor engine becomes the new active supervisor engine running the new Cisco IOS image. The modules are reset and the module software is downloaded from the new active supervisor engine. The old active supervisor engine reboots with the new image and becomes the redundant supervisor engine. Examples This example shows how to switch over manually from the active to the standby supervisor engine: Router# redundancy force-switchover Router# Related Commands Command Description mode Sets the redundancy mode. redundancy Enters redundancy configuration mode. show redundancy Displays RF information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-628 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA reload reload To reload the entire Catalyst 6500 series switch, use the reload command. reload [text | in [hh:]mm [text] | at hh:mm [month day | day month] [text] | cancel] Syntax Description text (Optional) Reason for the reload; the string can be from 1 to 255 characters. in [hh:]mm (Optional) Delays a Catalyst 6500 series switch reload for a specific amount of time. at hh:mm (Optional) Schedules a Catalyst 6500 series switch reload to take place at the specified time (using a 24-hour clock). month (Optional) Name of the month; any number of characters in a unique string. day (Optional) Number of the day; valid values are from 1 to 31. cancel (Optional) Cancels a scheduled reload. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The reload command stops the system. If the system is set to restart on error, it reboots itself. Use the reload command after you enter configuration information into a file and the file is saved to the startup configuration. When you schedule a reload to occur at a later time (using the in keyword), it must take place within approximately 24 days. When specifying the reload time (using the at keyword), if you specify the month and day, the reload takes place at the specified time and date. If you do not specify the month and day, the reload takes place at the specified time on the current day (if the specified time is later than the current time), or on the next day (if the specified time is earlier than the current time). Specifying 00:00 schedules the reload for midnight. The reload must take place within approximately 24 days. If you modify your configuration file, the Catalyst 6500 series switch prompts you to save the configuration. During a save operation, the Catalyst 6500 series switch asks you if you want to proceed with the save if the CONFIG_FILE environment variable points to a startup configuration file that no longer exists. If you say “yes” in this situation, the Catalyst 6500 series switch goes to setup mode upon reload. You can use the at keyword if the system clock has been set on the MSM (either through NTP, the hardware calendar, or manually). To schedule reloads across several MSMs to occur simultaneously, you must synchronize the time on each MSM with NTP. To display information about a scheduled reload, use the show reload command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-629 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA reload Examples This example shows how to reload the Catalyst 6500 series switch immediately: Router# reload Router# This example shows how to reload the Catalyst 6500 series switch in 10 minutes: Router# reload in 10 Router# Reload scheduled for 11:57:08 PDT Fri Apr 21 1996 (in 10 minutes) Proceed with reload? [confirm] Router# This example shows how to reload the Catalyst 6500 series switch at 1:00 p.m. today: Router# reload at 13:00 Router# Reload scheduled for 13:00:00 PDT Fri Apr 21 1996 (in 1 hour and 2 minutes) Proceed with reload? [confirm] Router# This example shows how to reload the Catalyst 6500 series switch on April 20 at 2:00 a.m.: Router# reload at 02:00 apr 20 Router# Reload scheduled for 02:00:00 PDT Sat Apr 20 1996 (in 38 hours and 9 minutes) Proceed with reload? [confirm] Router# This example shows how to cancel a pending reload: Router# reload cancel %Reload cancelled. Router# Related Commands Command Description copy Saves configuration changes to the startup configuration. system:running-config nvram:startup-config show reload Displays the reload status on the router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-630 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA remote command remote command To execute a Catalyst 6500 series switch command directly on the switch console or a specified module without having to log into the Catalyst 6500 series switch first, use the remote command command. remote command {{module num} | standby-rp | switch} command Syntax Description module num Specifies the module to access; see the “Usage Guidelines” section for valid values. standby-rp Specifies the standby route processor. switch Specifies the active switch processor. command Command to be executed. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The module num keyword and argument designate the module number. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values are from 1 to 13. The module num keyword and argument are supported on the standby supervisor engine only. When you execute the remote command switch command, the prompt changes to Switch-sp#. This command is supported on the supervisor engine only. This command does not support command completion, but you can use shortened forms of the command (for example, entering sh for show). Examples This example shows how to execute the show calendar command from the standby route processor: Router# remote command standby-rp show calendar Switch-sp# 09:52:50 UTC Mon Nov 12 2001 Router# Related Commands Command Description remote login Accesses the Catalyst 6500 series switch console or a specific module. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-631 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA remote login remote login To access the Catalyst 6500 series switch console or a specific module, use the remote login command. remote login {{module num} | standby-rp | switch} Syntax Description module num Specifies the module to access; see the “Usage Guidelines” section for valid values. standby-rp Specifies the standby route processor. switch Specifies the active switch processor. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Caution When you enter the attach or remote login command to access another console from your switch, if you enter global or interface configuration mode commands, the switch might reset. The module num keyword and argument designate the module number. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values are from 1 to 13. The module num keyword and argument are supported on the standby supervisor engine only. When you execute the remote login module num command, the prompt changes depending on the type of module to which you are connecting. When you execute the remote login standby-rp command, the prompt changes to Router-sdby#. When you execute the remote login switch command, the prompt changes to Switch-sp#. The remote login module num command is identical to the attach command. There are two ways to end the session: • You can enter the exit command as follows: Switch-sp# exit [Connection to Switch closed by foreign host] Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-632 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA remote login • You can press Ctrl-C three times as follows: Switch-sp# ^C Switch-sp# ^C Switch-sp# ^C Terminate remote login session? [confirm] y [Connection to Switch closed by local host] Router# Examples This example shows how to perform a remote login to a specific module: Router# remote login module 1 Trying Switch ... Entering CONSOLE for Switch Type "^C^C^C" to end this session Switch-sp# This example shows how to perform a remote login to the Catalyst 6500 series switch processor: Router# remote login switch Trying Switch ... Entering CONSOLE for Switch Type "^C^C^C" to end this session Switch-sp# This example shows how to perform a remote login to the standby route processor: Router# remote login standby-rp Trying Switch ... Entering CONSOLE for Switch Type "^C^C^C" to end this session Router-sdby# Related Commands Command Description attach Connects to a specific module from a remote location. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-633 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA remote-span remote-span To configure a VLAN as an RSPAN VLAN, use the remote-span command. To remove the RSPAN designation, use the no form of this command. remote-span Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes config-VLAN mode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is not supported in the VLAN database mode. You can enter the show vlan remote-span command to display the RSPAN VLANs in the Catalyst 6500 series switch. Examples This example shows how to configure a VLAN as an RSPAN VLAN: Router(config-vlan)# remote-span Router(config-vlan) This example shows how to remove the RSPAN designation: Router(config-vlan)# no remote-span Router(config-vlan) Related Commands Connect Description show vlan remote-span Displays a list of RSPAN VLANs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-634 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA reset reset To leave the proposed new VLAN database, remain in VLAN configuration mode, and reset the proposed new database so that it is identical to the current VLAN database, use the reset command. reset Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes VLAN configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to cause the proposed new VLAN database to be abandoned and reset to the current VLAN database: Router(vlan)# reset RESET completed. Router(vlan)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-635 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA retry retry To define the amount of time that must elapse before a connection is attempted to a failed server, use the retry command. To change the connection-reassignment threshold and client threshold to the default settings, use the no form of this command. retry retry-value no retry Syntax Description retry-value Defaults retry-value is 60. Command Modes Real server configuration submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples Amount of time, in seconds, that must elapse after the detection of a server failure before a new connection is attempted to the server; valid values are from 1 to 3600. This example shows how to define the retry timer: Router(config-if)# retry 145 Router(config-if)# This example shows how to revert to the default value: Router(config-if)# no retry Router(config-if)# Related Commands Command Description faildetect numconns Specifies the conditions that indicate a server failure. inservice (real server) Enables the real server for use by the Cisco IOS SLB feature. maxconns (real server configuration submode) Limits the number of active connections to the real server. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-636 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA revision revision To set the revision number for the MST configuration, use the revision command. To return to the default settings, use the no form of this command. revision version no revision Syntax Description version Defaults version is 0. Command Modes MST configuration submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Caution Examples Revision number for the configuration; valid values are from 0 to 65535. Two Catalyst 6500 series switches that have the same configuration but different revision numbers are considered to be part of two different regions. Be careful when using the revision command to set the revision number of the MST configuration because a mistake can put the switch in a different region. This example shows how to set the revision number of the MST configuration: Router(config-mst)# revision 5 Router(config-mst)# Related Commands Command Description instance Maps a VLAN or a set of VLANs to an MST instance. name (MST configuration submode) Sets the name of an MST region. show Verifies the MST configuration. show spanning-tree Displays information about the spanning-tree state. spanning-tree mst configuration Enters MST-configuration submode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-637 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rmon alarm rmon alarm To set an alarm on any MIB object, use the rmon alarm command. To disable the alarm, use the no form of this command. rmon alarm number variable interval {delta | absolute} rising-threshold value [event-number] falling-threshold value [event-number] [owner string] no rmon alarm number Syntax Description number Alarm number that is identical to the alarmIndex in the alarmTable in the RMON MIB; valid values are from 1 to 65535. variable MIB object to monitor; this value translates into the alarmVariable that is used in the alarmTable of the RMON MIB. interval Time in seconds that the alarm monitors the MIB variable. This value is identical to the alarmInterval that is used in the alarmTable of the RMON MIB; valid values are from 1 to 4294967295. delta Specifies the change between MIB variables; this value affects the alarmSampleType in the alarmTable of the RMON MIB. absolute Specifies each MIB variable directly; this value affects the alarmSampleType in the alarmTable of the RMON MIB. rising-threshold value Specifies the value at which the alarm is triggered; valid values are from –2147483648 to 2147483647. event-number (Optional) Event number to trigger when the rising or falling threshold exceeds its limit. This value is identical to the alarmRisingEventIndex or the alarmFallingEventIndex in the alarmTable of the RMON MIB; valid values are from 1 to 65535. falling-threshold value Specifies the value at which the alarm is reset; valid values are from –2147483648 to 2147483647. owner string (Optional) Specifies the owner for the alarm; this value is identical to the alarmOwner in the alarmTable of the RMON MIB. Defaults No alarms are configured. Command Modes Global configuration Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-638 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rmon alarm Command History Usage Guidelines Release Modification 12.2(18)ZY Support for this command was introduced. You must specify the MIB object as a dotted decimal value after the entry sequence (for example, ifEntry.10.1). You cannot specify the variable name and the instance (for example, ifInOctets.1) or the entire dotted decimal notation. The argument must be of the form entry.integer.instance. To disable the RMON alarms, you must use the no form of the command on each configured alarm. For example, enter the no rmon alarm 1 command, where the 1 identifies which alarm is to be removed. Refer to RFC 1757 for more information about the RMON alarm group. In the configuration that is shown in the example, the alarm monitors the MIB variable ifEntry.20.1 once every 20 seconds until the alarm is disabled and checks the change in the variable’s rise or fall. If the ifEntry.20.1 value shows a MIB counter increase of 15 or more, such as from 100000 to 100015, the alarm is triggered. The alarm triggers event number 1, which is configured with the rmon event command. Possible events include a log entry or an SNMP trap. If the ifEntry.20.1 value changes by 0 (falling-threshold 0), the alarm is reset and can be triggered again. Examples This example shows how to configure an RMON alarm: Router(config)# rmon alarm 10 ifEntry.20.1 20 delta rising-threshold 15 1 falling-threshold 0 owner jjohnson Related Commands Command Description rmon Enables RMON on an Ethernet interface. rmon event Adds or removes an event in the RMON-event table that is associated with an RMON-event number. show rmon Displays the current RMON agent status on the router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-639 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rmon event rmon event To add or remove an event in the RMON-event table that is associated with an RMON-event number, use the rmon event command. To disable RMON on the interface, use the no form of this command. rmon event number [log] [trap community] [description string] [owner string] no rmon event number Syntax Description number Assigned event number that is identical to the eventIndex in the eventTable in the RMON MIB; valid values are from 1 to 65535. log (Optional) Generates an RMON log entry when the event is triggered and sets the eventType in the RMON MIB to log or log-and-trap. trap community (Optional) Specifies the SNMP community string that is used for this trap. description string (Optional) Specifies a description of the event that is identical to the event description in the eventTable of the RMON MIB. owner string (Optional) Specifies the owner of this event that is identical to the eventOwner in the eventTable of the RMON MIB. Defaults No alarms are configured. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Refer to RFC 1757 for more information about the RMON MIB. Use the trap community keyword and argument to configure the setting of the eventType in the RMON MIB for this row as either snmp-trap or log-and-trap. This value is identical to the eventCommunityValue in the eventTable in the RMON MIB. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-640 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA rmon event Examples This example shows how to add an event to the RMON-event table: Router(config)# rmon event 1 log trap eventtrap description “High ifOutErrors” owner sdurham This example configuration creates RMON-event number 1, which is defined as High ifOutErrors, and generates a log entry when the event is triggered by an alarm. The user sdurham owns the row that is created in the event table by this command. This configuration also generates an SNMP trap when the event is triggered. Related Commands Command Description rmon Enables RMON on an Ethernet interface. rmon alarm Sets an alarm on any MIB object. show rmon Displays the current RMON agent status on the router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-641 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA route-converge-interval route-converge-interval To configure the time interval after which the old FIB entries are purged, use the route-converge-interval command. To return to the default settings, use the no form of this command. route-converge-interval seconds Syntax Description seconds Defaults seconds is 120 seconds (2 minutes). Command Modes Main CPU submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Time interval after which the old FIB entries are purged; valid values are from 60 to 3600 seconds. Usage Guidelines The time interval for route-converge delay is needed to simulate the route-converge time when routing protocols restart on switchover. Examples This example shows how to set the time interval for the route-converge delay: Router(config)# redundancy Router(config-red)# main-cpu Router(config-red-main)# route-converge-interval 90 Router(config-red-main)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-642 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA route-converge-interval This example shows how to return to the default time interval for the route-converge delay: Router(config)# redundancy Router(config-red)# main-cpu Router(config-red-main)# no route-converge-interval Router(config-red-main)# Related Commands Command Description redundancy Enters redundancy configuration mode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-643 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA router router To enable a routing process, use the router command. To terminate a routing process, use the no form of this command. router {bgp as-num} | {eigrp as-num} | {isis process-id} | {ospf process-id [vrf vrf-id]} no router ospf process-id Syntax Description bgp as-num Specifies an autonomous BGP-system number; valid values are from 1 to 65535. eigrp as-num Specifies an autonomous EIGRP-system number; valid values are from 1 to 65535. isis routing-area-tag Specifies an ISO routing area designation. ospf process-id Specifies an internally used identification parameter for the routing process; valid values are from 1 to 65535. vrf vrf-id (Optional) Specifies a VRF instance name. Defaults No OSPF routing process is enabled or defined. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When you specify a process-id, it is locally assigned and can be any positive integer. A unique value is assigned for each OSPF routing process. You can specify multiple OSPF routing processes in each router. Examples This example shows how to configure an OSPF routing process and assign a process number of 109: Router(config)# router ospf 109 Router(config)# This example shows how to configure an OSPF routing process and assign a process number of 109 for a specific VRF instance: Router(config)# router ospf 109 vrf 109 Router(config)# Related Commands Command Description nsf Enables and configures Cisco NSF. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-644 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA scheduler allocate scheduler allocate To guarantee the CPU time for the process tasks, use the scheduler allocate command. To return to the default settings, use the no form of this command. scheduler allocate interrupt-time process-time no scheduler allocate Syntax Description Defaults interrupt-time Integer (in microseconds) that limits the maximum number of microseconds to spend on fast switching within any one network-interrupt context; valid values are from 400 to 60000 microseconds. process-time Integer (in microseconds) that guarantees the minimum number of microseconds to spend at the process level when network interrupts are disabled; valid values are from 100 to 4000. The defaults are as follows: • interrupt-time is 4000 microseconds. • process-time is 800 microseconds. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Caution We recommend that you do not change the default settings. Entering the scheduler allocate command without arguments is the same as entering the no scheduler allocate or the default scheduler allocate command. Examples This example shows how to make 20 percent of the CPU time available for the process tasks: Router-config# scheduler allocate 2000 500 Router-config# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-645 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA service counters max age service counters max age To set the time interval for retrieving statistics, use the service counters max age command. To return to the default settings, use the no form of this command. service counters max age seconds no service counters max age Syntax Description seconds Defaults seconds is 5 seconds. Command Modes Global configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Maximum age of the statistics retrieved from the CLI or SNMP; valid values are from 0 to 60 seconds. Usage Guidelines Note If you decrease the time interval for retrieving statistics from the default setting (5 seconds), traffic congestion may result in situations where frequent SNMP (SMNP bulk) retrievals occur. Ifyou configure the seconds value between 6 and 9 seconds, the counter update occurs at the 10-second default to ensure that the system is not too busy computing statistics. If the statistics collection uses more than 20 percent of the CPU time, the system automatically increases the time that the statistics process sleeps between counter updates. Ifyou configure the seconds value between 0 and 5 seconds, and if the CPU utility is low, the counter updates occur after the configured delay seconds which ensures that the system load is at 20 percent. For example, if the statistics calculation time takes 4 seconds, and you have configured the service maximum age to 5 seconds, the period between statistics collections will be 20 seconds (the collection period equals the duration multiplied by 5) regardless of what you configured, which ensures that the statistics collection does not increase the CPU utility. Examples This example shows how to set the time interval for retrieving statistics: Router(config)# service counters max age 10 Router(config)# This example shows how to return to the default setting: Router(config)# no service counters max age Router(config)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-646 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA service-policy service-policy To attach a policy map to an interface, use the service-policy command. To remove a policy map from an interface, use the no form of this command. service-policy {input | output} policy-map-name no service-policy {input | output} policy-map-name Syntax Description input policy-map-name Specifies a previously configured input-policy map. output policy-map-name Specifies a previously configured output-policy map. Defaults No policy map is attached. Command Modes Interface configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Do not attach a service policy to a port that is a member of an EtherChannel. Although the CLI allows you to configure PFC-based QoS on the WAN ports on the OC-12 ATM OSMs and on the WAN ports on the channelized OSMs, PFC-based QoS is not supported on the WAN ports on these OSMs. OSMs are not supported on Catalyst 6500 series switches that are configured with a Supervisor Engine 32 PISA. PFC QoS supports the optional output keyword only on VLAN interfaces. You can attach both an input-policy map and an output-policy map to a VLAN interface. Examples This example shows how to attach a policy map to a Fast Ethernet interface: Router(config)# interface fastethernet 5/20 Router(config-if)# service-policy input pmap1 Router(config-if)# Related Commands Command Description class-map Accesses the QoS class map configuration mode to configure QoS class maps. policy-map Accesses QoS policy-map configuration mode to configure the QoS policy map. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-647 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA service-policy (control-plane) service-policy (control-plane) To attach a policy map to a control plane for aggregate control plane services, use the service-policy command. To remove a service policy from a control plane, use the no form of this command. service-policy {input | output} policy-map-name no service-policy {input | output} policy-map-name Syntax Description input Applies the specified service policy to the packets that are entering the control plane. output Applies the specified service policy to the packets that are exiting the control plane and enables the Catalyst 6500 series switch to silently discard packets. policy-map-name Name of a service policy map (created using the policy-map command) to be attached. Defaults No service policy is specified. Command Modes Control-plane configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The policy-map-name can be a maximum of 40 alphanumeric characters. After entering the control-plane command, you should use the service-policy command to configure a QoS policy. This policy is attached to the control plane interface for aggregate control plane services, which can control the number or rate of packets that are going to the process level. Silent mode allows a router that is running Cisco IOS software to operate without sending any system messages. If a packet that is destined for the router is discarded for any reason, users will not receive an error message. Some events that will not generate error messages are as follows: Examples • Traffic that is being transmitted to a port in which that router is not listening • A connection to a legitimate address and port that is rejected because of a malformed request This example shows how to configure trusted hosts with source addresses 10.1.1.1 and 10.1.1.2 to forward Telnet packets to the control plane without constraint, while allowing all remaining Telnet packets to be policed at the specified rate: Router(config)# access-list 140 deny tcp host 10.1.1.1 any eq telnet ! Allow 10.1.1.2 trusted host traffic. Router(config)# access-list 140 deny tcp host 10.1.1.2 any eq telnet ! Rate limit all other Telnet traffic. Router(config)# access-list 140 permit tcp any any eq telnet Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-648 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA service-policy (control-plane) ! Define class-map “telnet-class.” Router(config)# class-map telnet-class Router(config-cmap)# match access-group 140 Router(config-cmap)# exit Router(config)# policy-map control-plane-policy Router(config-pmap)# class telnet-class Router(config-pmap-c)# police 80000 conform transmit exceed drop Router(config-pmap-c)# exit Router(config-pmap)# exit ! Define aggregate control plane service for the active Route Processor. Router(config)# control-plane Router(config-cp)# service-policy input control-plane-policy Router(config-cp)# exit This example shows how to configure trusted networks with source addresses 3.3.3.0 and 4.4.4.0 to receive Internet Control Message Protocol (ICMP) port-unreachable responses without constraint, while allowing all remaining ICMP port-unreachables to be dropped: Router(config)# access-list 141 deny icmp host 3.3.3.0 0.0.0.255 any port-unreachable ! Allow 4.4.4.0 trusted network traffic. Router(config)# access-list 141 deny icmp host 4.4.4.0 0.0.0.255 any port-unreachable ! Rate limit all other ICMP traffic. Router(config)# access-list 141 permit icmp any any port-unreachable Router(config)# class-map icmp-class Router(config-cmap)# match access-group 141 Router(config-cmap)# exit Router(config)# policy-map control-plane-out-policy ! Drop all traffic that matches the class "icmp-class." Router(config-pmap)# class icmp-class Router(config-pmap-c)# drop Router(config-pmap-c)# exit Router(config-pmap)# exit Router(config)# control-plane ! Define aggregate control plane service for the active route processor. Router(config-cp)# service-policy output control-plane-policy Router(config-cp)# exit Related Commands Command Description control-plane Enters control-plane configuration mode, which allows users to associate or modify attributes or parameters (such as a service policy) that are associated with the control plane of the device. policy-map Accesses QoS policy-map configuration mode to configure the QoS policy map. show policy-map control-plane Displays the configuration either of a class or of all classes for the policy map of a control plane. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-649 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA session slot session slot To open a session with a module (for example, the NAM), use the session slot command. session slot mod {processor processor-id} Syntax Description mod Slot number. processor processor-id Specifies the processor ID. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines To end the session, enter the quit command. This command allows you to use the module-specific CLI. Examples This example shows how to open a session with an MSM (module 4): Router# session slot 4 processor 2 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-650 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA set cos cos-inner (policy-map configuration) set cos cos-inner (policy-map configuration) To set the 802.1Q prioritization bits in the trunk VLAN tag of a QinQ-translated outgoing packet with the priority value from the inner customer-edge VLAN tag, use the set cos cos-inner command. To return to the default settings, use the no form of this command. set cos cos-inner no set cos cos-inner Syntax Description This command has no keywords or arguments. Defaults P bits are copied from the outer provider-edge VLAN tag. Command Modes Policy-map class configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is supported on the Gigabit Ethernet WAN interfaces on Catalyst 6500 series switches that are configured with an OSM-2+4GE-WAN+ OSM module only. OSMs are not supported on Catalyst 6500 series switches that are configured with a Supervisor Engine 32. The 802.1P prioritization bits are used in the VLAN tag for QoS processing. When the router copies the double-tagged QinQ packets to the destination interface, by default it uses the P bits from the outer (provider) VLAN tag. To preserve the P bits that are in the inner (customer) VLAN tag, use the set cos cos-inner command. For the set cos cos-inner command to be effective, you must configure the appropriate interface or subinterface as a trusted interface using the mls qos trust command. Otherwise, the interface or subinterface defaults to being untrusted, where the Layer 2 interface zeroes out the P bits of the incoming packets before the set cos cos-inner command can copy them to the outer VLAN tag. The set cos cos-inner command is supported only for the subinterfaces that are configured with an inner (customer) VLAN. The set cos cos-inner command is not supported for the subinterfaces that use the out-range keyword on the bridge-domain (subinterface configuration) command or that are not configured with any form of the bridge-domain (subinterface configuration) command. This behavior remains when you configure the set cos cos-inner command on a policy that is applied to a main interface. The set cos cos-inner command affects the subinterfaces that are configured with a specific inner VLAN but it does not affect the subinterfaces that are not configured with any VLAN or that are configured with the out-range keyword. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-651 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA set cos cos-inner (policy-map configuration) Examples This example shows how to configure a policy map for voice traffic that uses the P bits from the inner VLAN tag: Router(config-pmap-c)# set cos cos-inner Router(config-pmap-c)# This example shows how to configure the default policy map class to reset to its default value: Router(config-pmap-c)# no set cos cos-inner Router(config-pmap-c)# This example shows the system message that appears when you attempt to apply a policy to a subinterface that is configured with the bridge-domain (subinterface configuration) command: Router(config-if)# bridge-vlan 32 dot1q-tunnel out-range Router(config-if)# service-policy output cos1 %bridge-vlan 32 does not have any inner-vlan configured. 'set cos cos-inner' is not supported Router(config-if)# Related Commands Command Description bridge-domain (subinterface configuration) Binds a PVC to the specified vlan-id. class-map Accesses the QoS class map configuration mode to configure QoS class maps. mode dot1q-in-dot1q access-gateway Enables a Gigabit Ethernet WAN interface to act as a gateway for QinQ VLAN translation. policy-map Accesses QoS policy-map configuration mode to configure the QoS policy map. service-policy Attaches a policy map to an interface. set ip dscp (policy-map Marks a packet by setting the IP DSCP in the ToS byte. configuration) set ip precedence (policy-map configuration) Sets the precedence value in the IP header. show policy-map Displays information about the policy map. show policy-map interface Displays the statistics and the configurations of the input and output policies that are attached to an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-652 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA set ip dscp (policy-map configuration) set ip dscp (policy-map configuration) To mark a packet by setting the IP DSCP in the ToS byte, use the set ip dscp command. To remove a previously set IP DSCP, use the no form of this command. set ip dscp ip-dscp-value no set ip dscp ip-dscp-value Syntax Description ip-dscp-value Defaults This command has no default settings. Command Modes QoS policy-map configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines IP DSCP value; valid values are from 0 to 63. See the “Usage Guidelines” section for additional information. You can enter reserved keywords EF (expedited forwarding), AF11 (assured forwarding class AF11), and AF12 (assured forwarding class AF12) instead of numeric values for ip-dscp-value. After the IP DSCP bit is set, other QoS services can operate on the bit settings. You cannot mark a packet by the IP precedence using the set ip precedence (policy-map configuration) command and then mark the same packet with an IP DSCP value using the set ip dscp command. The network gives priority (or some type of expedited handling) to marked traffic. Typically, you set IP precedence at the edge of the network (or administrative domain); data is queued based on the precedence. WFQ can speed up handling for high-precedence traffic at congestion points. WRED ensures that high-precedence traffic has lower loss rates than other traffic during traffic congestion. The set ip precedence (policy-map configuration) command is applied when you create a service policy in QoS policy-map configuration mode. This service policy is not attached to an interface or to an ATM virtual circuit. See the service-policy command for information on attaching a service policy to an interface. When configuring policy-map class actions, note the following: • For hardware-switched traffic, PFC QoS does not support the bandwidth, priority, queue-limit, or random-detect policy-map class commands. You can configure these commands because they can be used for software-switched traffic. • PFC QoS does not support the set mpls or set qos-group policy-map class commands. • PFC QoS supports the set ip dscp and set ip precedence policy-map class commands (see the “Configuring Policy Map Class Marking” section in the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY). Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-653 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA set ip dscp (policy-map configuration) • You cannot do all three of the following in a policy-map class: – Mark traffic with the set ip dscp or set ip precedence (policy-map configuration) commands – Configure the trust state – Configure policing In a policy-map class, you can either mark traffic with the set ip dscp or set ip precedence (policy-map configuration) commands or do one or both of the following: – Configure the trust state – Configure policing Examples This example shows how to set the IP DSCP ToS byte to 8 in the policy map called policy1: Router(config)# policy-map policy1 Router(config-pmap)# class class1 Router(config-pmap-c)# set ip dscp 8 All packets that satisfy the match criteria of class1 are marked with the IP DSCP value of 8. How packets that are marked with the IP DSCP value of 8 are treated is determined by the network configuration. This example shows that after you configure the settings that are shown for voice packets at the edge of the network, all intermediate routers are then configured to provide low-latency treatment to the voice packets: Router(config)# class-map voice Router(config-cmap)# match ip dscp ef Router(config)# policy qos-policy Router(config-pmap)# class voice Router(config-pmap-c)# priority 24 Related Commands Command Description policy-map Accesses QoS policy-map configuration mode to configure the QoS policy map. service-policy Attaches a policy map to an interface. show policy-map Displays information about the policy map. show policy-map interface Displays the statistics and the configurations of the input and output policies that are attached to an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-654 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA set ip precedence (policy-map configuration) set ip precedence (policy-map configuration) To set the precedence value in the IP header, use the set ip precedence command. To leave the precedence value at the current setting, use the no form of this command. set ip precedence ip-precedence-value no set ip precedence Syntax Description ip-precedence-value Defaults This command is disabled by default. Command Modes QoS policy-map configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Precedence-bit value in the IP header; valid values are from 0 to 7. See Table 2-31 for a list of value definitions. Table 2-31 lists the value definitions for precedence values in the IP header. They are listed from least to most important. Table 2-31 Value Definitions for IP Precedence Values Definitions 0 routine 1 priority 2 immediate 3 flash 4 flash-override 5 critical 6 internet 7 network After the IP-precedence bits are set, other QoS services, such as WFQ and WRED, operate on the bit settings. The network priorities (or some type of expedited handling) mark traffic through the application of WFQ or WRED at points downstream in the network. Typically, you set IP precedence at the edge of the network (or administrative domain); data is queued based on the precedence. WFQ can speed up handling for certain precedence traffic at congestion points. WRED can ensure that certain precedence traffic has lower loss rates than other traffic during traffic congestion. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-655 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA set ip precedence (policy-map configuration) The set ip precedence command is applied when you create a service policy in QoS policy-map configuration mode. This service policy is not attached to an interface or to an ATM virtual circuit. See the service-policy command for information on attaching a service policy to an interface. Examples This example shows how to set the IP precedence to 5 for packets that satisfy the match criteria of the class map called class1: Router(config)# policy-map policy1 Router(config-pmap)# class class1 Router(config-pmap-c)# set ip precedence 5 All packets that satisfy the match criteria of class1 are marked with the IP precedence value of 5. How packets that are marked with the IP-precedence value of 5 are treated is determined by the network configuration. Related Commands Command Description policy-map Accesses QoS policy-map configuration mode to configure the QoS policy map. service-policy Attaches a policy map to an interface. show policy-map Displays information about the policy map. show policy-map interface Displays the statistics and the configurations of the input and output policies that are attached to an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-656 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA set mpls experimental set mpls experimental To set the experimental value, use the set mpls experimental command. To return to the default settings, use the no form of this command. set mpls experimental {{imposition | topmost} experimental-value} Syntax Description imposition Specifies the experimental-bit value on IP to MPLS or MPLS input in all newly imposed labels. topmost Specifies the experimental-bit value on the topmost label on the input or output flows. experimental-value Experimental-bit value; valid values are from 0 to 7. Defaults This command is disabled by default. Command Modes QoS policy-map configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to set the experimental-bit value on the topmost label on input or output: Router(config)# policy-map policy1 Router(config-pmap)# class class1 Router(config-pmap-c)# set mpls experimental topmost 5 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-657 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA set qos-group set qos-group To set the trusted state of a Layer 2 WAN interface, use the set qos-group command. To return to the default settings, use the no form of this command. set qos-group group-value {cos | prec} Syntax Description group-value QoS group value; valid values are from 0 to 99. cos Specifies that the CoS bits in incoming frames are trusted and derives the internal DSCP value from the CoS bits. prec Specifies that the ToS bits in the incoming packets contain an IP-precedence value and derives the internal DSCP value from the IP-precedence bits. Defaults This command is disabled by default. Command Modes QoS policy-map configuration Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is entered in Pipe mode on the MPLS input to select the egress queue. This command is supported on WAN interfaces only. Use the mls qos trust command to set the trusted state on LAN interfaces. Examples This example shows how to set the trusted state of an interface to IP precedence: Router(config)# policy-map policy1 Router(config-pmap)# class class1 Router(config-pmap-c)# set qos-group 54 prec Router(config-if)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-658 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show show To verify the MST configuration, use the show command. show [current | pending] Syntax Description current (Optional) Displays the current configuration that is used to run MST. pending (Optional) Displays the edited configuration that will replace the current configuration. Defaults This command has no default settings. Command Modes MST configuration submode Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The display output from the show pending command is the edited configuration that will replace the current configuration if you enter the exit command to exit MST configuration mode. Entering the show command with no arguments displays the pending configurations. Examples This example shows how to display the edited configuration: Router(config-mst)# show pending Pending MST configuration Name [zorglub] Version 31415 Instance Vlans Mapped -------- --------------------------------------------------------------------0 4001-4096 2 1010, 1020, 1030, 1040, 1050, 1060, 1070, 1080, 1090, 1100, 1110 1120 3 1-1009, 1011-1019, 1021-1029, 1031-1039, 1041-1049, 1051-1059 1061-1069, 1071-1079, 1081-1089, 1091-1099, 1101-1109, 1111-1119 1121-4000 -----------------------------------------------------------------------------Router(config-mst)# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-659 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show This example shows how to display the current configuration: Router(config-mst)# show current Current MST configuration Name [] Revision 0 Instance Vlans mapped -------- --------------------------------------------------------------------0 1-4094 ------------------------------------------------------------------------------- Related Commands Command Description instance Maps a VLAN or a set of VLANs to an MST instance. name (MST configuration submode) Sets the name of an MST region. revision Sets the revision number for the MST configuration. show spanning-tree mst Displays the information about the MST protocol. spanning-tree mst configuration Enters MST-configuration submode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-660 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show adjacency show adjacency To display information about the hardware Layer 3-switching adjacency table, use the show adjacency command. show adjacency [{interface interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id} | detail | internal | summary] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, ge-wan, and atm. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. null interface-number (Optional) Specifies the null interface; the valid value is 0. port-channel number (Optional) Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 256. vlan vlan-id (Optional) Specifies the VLAN; valid values are from 1 to 4094. detail (Optional) Displays the information about the protocol detail and timer. internal (Optional) Displays the information about the internal data structure. summary (Optional) Displays a summary of CEF-adjacency information. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Hardware Layer 3-switching adjacency statistics are updated every 60 seconds. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-661 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show adjacency The information that is contained in the show adjacency commands includes the following: Examples • Protocol interface. • Type of routing protocol that is configured on the interface. • Interface address. • Method of adjacency that was learned. • MAC address of the adjacent router. • Time left before the adjacency rolls out of the adjacency table. After it rolls out, a packet must use the same next hop to the destination. This example shows how to display adjacency information: Router# show adjacency Protocol Interface IP FastEthernet2/3 IP FastEthernet2/3 Router# Address 172.20.52.1(3045) 172.20.52.22(11) This example shows how to display a summary of adjacency information: Router# show adjacency summary Adjacency Table has 2 adjacencies Interface Adjacency Count FastEthernet2/3 2 Router# This example shows how to display protocol detail and timer information: Router# show adjacency detail Protocol Interface IP FastEthernet2/3 IP FastEthernet2/3 Address 172.20.52.1(3045) 0 packets, 0 bytes 000000000FF920000380000000000000 00000000000000000000000000000000 00605C865B2800D0BB0F980B0800 ARP 03:58:12 172.20.52.22(11) 0 packets, 0 bytes 000000000FF920000380000000000000 00000000000000000000000000000000 00801C93804000D0BB0F980B0800 ARP 03:58:06 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-662 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show adjacency This example shows how to display adjacency information for a specific interface: Router# show adjacency fastethernet 2/3 Protocol Interface Address IP FastEthernet2/3 172.20.52.1(3045) IP FastEthernet2/3 172.20.52.22(11) Router# Related Commands Command Description show mls cef adjacency Displays information about the MLS-hardware Layer 3-switching adjacency node. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-663 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show arp show arp To display the ARP table, use the show arp command. show arp Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the ARP table: Router> show arp Protocol Address Internet 172.20.52.11 Internet 172.20.52.1 Internet 172.20.52.22 Router> Age (min) 4 58 129 Hardware Addr 0090.2156.d800 0060.5c86.5b28 0080.1c93.8040 Type ARPA ARPA ARPA Interface Vlan2 Vlan2 Vlan2 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-664 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show asic-version show asic-version To display the ASIC version for a specific module, use the show asic-version command. show asic-version slot number Syntax Description number Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Examples Module number. In the show asic-version command output, the ASIC types are as follows: • Lyra—Layer 2 forwarding engine • Hyperion—Packet rewrite, multicast, and SPAN engine • Polaris—Layer 3 CEF engine • Pinnacle—4-port Gigabit Ethernet interface • R2D2—Network interface (with combinations of 10/100/1000Mbps and 10Gbps), a receive packet buffer interface, a transmit packet buffer interface as well as an interface to a further upstream ASIC or FPGA. • Titan—Packet rewrite and replication engine • Vela—Constellation bus interface This example shows how to display the ASIC type and version for a specific module: Router# show asic-version slot 1 Module in slot 1 has 3 type(s) of ASIC Name Count PINNACLE 1 MEDUSA 1 TITAN 1 Router# ASICs Version (2.0) (2.0) (0.1) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-665 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show bootflash: show bootflash: To display information about the bootflash: file system, use the show bootflash: command. show bootflash: [all | chips | filesys] Syntax Description all (Optional) Displays all possible flash information. chips (Optional) Displays information about the flash chip. filesys (Optional) Displays information about the file system. Defaults This command has no default settings. Command Modes User EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display information about the file system status: Router> show bootflash: filesys -------- F I L E S Y S T E M S T A T U S -------Device Number = 0 DEVICE INFO BLOCK: bootflash Magic Number = 6887635 File System Vers = 10000 (1.0) Length = 1000000 Sector Size = 40000 Programming Algorithm = 39 Erased State = FFFFFFFF File System Offset = 40000 Length = F40000 MONLIB Offset = 100 Length = C628 Bad Sector Map Offset = 3FFF8 Length = 8 Squeeze Log Offset = F80000 Length = 40000 Squeeze Buffer Offset = FC0000 Length = 40000 Num Spare Sectors = 0 Spares: STATUS INFO: Writable NO File Open for Write Complete Stats No Unrecovered Errors No Squeeze in progress USAGE INFO: Bytes Used = 917CE8 Bytes Available = 628318 Bad Sectors = 0 Spared Sectors = 0 OK Files = 2 Bytes = 917BE8 Deleted Files = 0 Bytes = 0 Files w/Errors = 0 Bytes = 0 Router> Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-666 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show bootflash: This example shows how to display image information: Router> show bootflash: -#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name 1 .. image 8C5A393A 237E3C 14 2063804 Aug 23 1999 16:18:45 c6msfc-boot-mz 2 .. image D86EE0AD 957CE8 9 7470636 Sep 20 1999 13:48:49 rp.halley Router> This example shows how to display all bootflash information: Router> show bootflash: all -#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name 1 .. image 8C5A393A 237E3C 14 2063804 Aug 23 1999 16:18:45 c6msfc-bootmz 2 .. image D86EE0AD 957CE8 9 7470636 Sep 20 1999 13:48:49 rp.halley 6456088 bytes available (9534696 bytes used) -------- F I L E S Y S T E M S T A T U S -------Device Number = 0 DEVICE INFO BLOCK: bootflash Magic Number = 6887635 File System Vers = 10000 (1.0) Length = 1000000 Sector Size = 40000 Programming Algorithm = 39 Erased State = FFFFFFFF File System Offset = 40000 Length = F40000 MONLIB Offset = 100 Length = C628 Bad Sector Map Offset = 3FFF8 Length = 8 Squeeze Log Offset = F80000 Length = 40000 Squeeze Buffer Offset = FC0000 Length = 40000 Num Spare Sectors = 0 Spares: STATUS INFO: Writable NO File Open for Write Complete Stats No Unrecovered Errors No Squeeze in progress USAGE INFO: Bytes Used = 917CE8 Bytes Available = 628318 Bad Sectors = 0 Spared Sectors = 0 OK Files = 2 Bytes = 917BE8 Deleted Files = 0 Bytes = 0 Files w/Errors = 0 Bytes = 0 Router> Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-667 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show bootvar show bootvar To display information about the BOOT environment variable, use the show bootvar command. show bootvar Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes User EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The show bootvar command output depends on how you configure the boot statement as follows: • If you enter the boot system flash bootflash:sup720_image command in the boot configuration, then the show bootvar command output displays the bootflash information. • If you enter the boot system flash sup-bootflash:sup720_image command in the boot configuration, then the show bootvar command output displays the sup-bootflash information. This action is the correct way of configuring the boot statement. The show bootvar command is available from the switch processor CLI and the route processor CLI. From the switch processor CLI, the display is always bootflash. With either the bootflash or the sup-bootflash boot statement, the switch boots correctly. You should use sup-bootflash in the boot configuration statement because the image is stored in the switch processor bootflash; the route processor sees the image as sup-bootflash. The number displayed after the image name (an example is c6sup12-js-mz.121-13.E,12) indicates the number of times that the Catalyst 6500 series switch tries to reboot the file before giving up. Examples This example shows how to display information about the BOOT environment variable: Router# show bootvar BOOT variable = sup-bootflash:c6sup12-js-mz.121-13.E,12 CONFIG_FILE variable = BOOTLDR variable = bootflash:c6msfc2-boot-mz.121-13.E.bin Configuration register is 0x2102 Standby is up Standby has 112640K/18432K bytes of memory. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-668 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show bootvar Standby Standby Standby Standby Router# Related Commands BOOT variable = bootflash:c6sup12-js-mz.121-13.E,12 CONFIG_FILE variable = BOOTLDR variable = bootflash:c6msfc2-boot-mz.121-13.E.bin Configuration register is 0x2102 Command Description auto-sync Enables automatic synchronization of the configuration files in NVRAM. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-669 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show bootvar Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-670 OL-11437-01 22 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show cable-diagnostics tdr show cable-diagnostics tdr To display the test results for the TDR cable diagnostics, use the show cable-diagnostics tdr command. show cable-diagnostics tdr {interface {interface interface-number}} Syntax Description interface interface Specifies the interface type; valid values are fastethernet and gigabitethernet. interface-number Module and port number. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The show cable-diagnostics tdr command is supported on specific modules. See the Release Notes for Cisco IOS Release 12.2 ZY Supervisor Engine 32 PISA for the list of the modules that support TDR. In the event of an open or shorted cable, the accuracy of length of where the cable is open or shorted is plus or minus 2 meters. The pair length can be displayed in meters (m), centimeters (cm), or kilometers (km). If the TDR test has not been run on the port, the following message is displayed: TDR test was never run on Gi2/12 Examples This example shows how to display the information about the TDR test: Router> show cable-diagnostics tdr interface gigabitethernet8/1 TDR test last run on: February 25 11:18:31 Interface Speed Pair Cable length Distance to fault Channel --------- ----- ---- ------------------- ------------------- ------Gi8/1 1000 1-2 1 +/- 6 m N/A Pair B 3-4 1 +/- 6 m N/A Pair A 5-6 1 +/- 6 m N/A Pair C 7-8 1 +/- 6 m N/A Pair D Router> Pair status -----------Terminated Terminated Terminated Terminated Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-671 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show cable-diagnostics tdr Table 2-32 describes the fields in the show cable-diagnostics tdr command output. Table 2-32 show cable-diagnostics tdr Command Output Fields Related Commands Field Description Interface Interface tested. Speed Current line speed. Pair Local pair name. Cable Length Cable length and accuracy. The accuracy unit is displayed in meters (m), centimeters (cm), or kilometers (km). Channel Pair designation. Pair status Pair status displayed is one of the following: • Terminated—The link is up. • Shorted—A short is detected on the cable. • Open—An opening is detected on the cable. • Not Completed—The test on the port failed. • Not Supported—The test on the port is not supported. • Broken—The pair is bad—either open or shorted. • ImpedanceMis—The impedance is mismatched. • InProgress—The diagnostic test is in progress. Command Description clear cable-diagnostics tdr Clears a specific interface or clears all interfaces that support TDR. test cable-diagnostics Tests the condition of 10-Gigabit Ethernet links or copper cables on 48-port 10/100/1000 BASE-T modules. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-672 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show catalyst6000 show catalyst6000 To display the information about the Catalyst 6500 series switch, use the show catalyst6000 command. show catalyst6000 {all | chassis-mac-address | switching-clock | traffic-meter} Syntax Description all Displays the MAC-address ranges and the current and peak traffic-meter reading. chassis-mac-address Displays the MAC-address range. switching-clock Displays the failure recovery mode of the switching clock. traffic-meter Displays the percentage of the backplane (shared bus) utilization. Defaults all Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you enter the switching-clock keywords, the Catalyst 6500 series switch displays whether switching of the redundant clock sources on the backplane is allowed if the active clock source fails. The Catalyst 6500 series switch has either 64 or 1024 MAC addresses that are available to support the software features. You can enter the show catalyst6000 chassis-mac-address command to display the MAC-address range on your chassis. Examples This example shows how to display the MAC-address ranges and the current and peak traffic-meter readings: Router> show catalyst6000 all chassis MAC addresses: 64 addresses from 0001.6441.60c0 to 0001.6441.60ff traffic meter = 0% Never cleared peak = 0% reached at 08:14:38 UTC Wed Mar 19 2003 switching-clock: clock switchover and system reset is allowed Router> Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-673 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show catalyst6000 This example shows how to display the MAC-address ranges: Router# show catalyst6000 chassis-mac-address chassis MAC addresses: 1024 addresses from 00d0.004c.1800 to 00d0.004c.1c00 Router# This example shows how to display the current and peak traffic-meter readings: Router> show catalyst6000 traffic-meter traffic meter = 0% peak = 0% at 09:57:58 UTC Mon Nov 6 2000 Router# This example shows how to display the failure recovery mode of the switching clock: Router> show catalyst6000 switching-clock switching-clock: clock switchover and system reset is allowed Router> Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-674 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show cdp neighbors show cdp neighbors To display detailed information about the neighboring devices that are discovered through CDP, use the show cdp neighbors command. show cdp neighbors [type number] [detail] Syntax Description type (Optional) Interface type that is connected to the neighbors about which you want information; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, port-channel, and vlan. number (Optional) Interface number that is connected to the neighbors about which you want information. detail (Optional) Displays detailed information about a neighbor (or neighbors) including the network address, the enabled protocols, the hold time, and the software version. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The port-channel values are from 0 to 282; values from 257 to 282 are supported on the CSM and the FWSM only. Examples This example shows how to display the information about the CDP neighbors: Router# show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID lab-7206 Eth 0 157 R 7206VXR Fas 0/0/0 lab-as5300-1 Eth 0 163 R AS5300 Fas 0 lab-as5300-2 Eth 0 159 R AS5300 Eth 0 lab-as5300-3 Eth 0 122 R AS5300 Eth 0 lab-as5300-4 Eth 0 132 R AS5300 Fas 0/0 lab-3621 Eth 0 140 R S 3631-telcoFas 0/0 008024 2758E0 Eth 0 132 T CAT3000 1/2 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-675 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show cdp neighbors Table 2-33 describes the fields that are shown in the example. Table 2-33 show cdp neighbors Field Descriptions Field Definition Device ID Configured ID (name), MAC address, or serial number of the neighbor device. Local Intrfce (Local Interface) The protocol that is used by the connectivity media. Holdtme (Holdtime) Remaining amount of time, in seconds, that the current device holds the CDP advertisement from a transmitting router before discarding it. Capability Capability code that is discovered on the device. This device type is listed in the CDP Neighbors table. Possible values are as follows: R—Router T—Transparent bridge B—Source-routing bridge S—Switch H—Host I—IGMP device r—Repeater P—Phone Platform Product number of the device. Port ID Protocol and port number of the device. This example shows how to display detailed information about your CDP neighbors: Router# show cdp neighbors detail ------------------------Device ID: lab-7206 Entry address(es): IP address: 172.19.169.83 Platform: cisco 7206VXR, Capabilities: Router Interface: Ethernet0, Port ID (outgoing port): FastEthernet0/0/0 Holdtime : 123 sec Version : Cisco Internetwork Operating System Software IOS (tm) 5800 Software (C5800-P4-M), Version 12.1(2) Copyright (c) 1986-2002 by Cisco Systems, Inc. advertisement version: 2 Duplex: half ------------------------Device ID: lab-as5300-1 Entry address(es): IP address: 172.19.169.87 . . . Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-676 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show cdp neighbors Table 2-34 describes the fields that are shown in the example. Table 2-34 show cdp neighbors detail Field Descriptions Related Commands Field Definition Device ID Name of the neighbor device and either the MAC address or the serial number of this device. Entry address(es) List of network addresses of neighbor devices. [network protocol] address Network address of the neighbor device. The address can be in IP, IPX, AppleTalk, DECnet, or CLNS protocol conventions. Platform Product name and number of the neighbor device. Capabilities Device type of the neighbor. This device can be a router, a bridge, a transparent bridge, a source-routing bridge, a switch, a host, an IGMP device, or a repeater. Interface Protocol and port number of the port on the current device. Holdtime Remaining amount of time, in seconds, that the current device holds the CDP advertisement from a transmitting router before discarding it. Version: Software version running on the neighbor device. advertisement version: Version of CDP that is being used for CDP advertisements. Duplex: Duplex state of connection between the current device and the neighbor device. Command Description show cdp Displays global CDP information. show cdp entry Displays information about a specific neighboring device discovered using CDP. show cdp interface Displays information about the interfaces on which CDP is enabled. show cdp traffic Displays information about traffic between devices gathered using CDP. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-677 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show cef interface policy-statistics show cef interface policy-statistics To display the per-interface traffic statistics, use the show cef interface policy-statistics command. show cef interface policy-statistics Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes User EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the per-interface traffic statistics: Router# show cef interface policy-statistics POS7/0 is up (if_number 7) Bucket PacketsBytes 1 0 0 2 0 0 3 0 0 4 0 0 5 100 10000 6 0 0 7 0 0 8 0 0 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-678 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show class-map show class-map To display class-map information, use the show class-map command. show class-map [class-name] Syntax Description class-name Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples (Optional) Name of the class map. This example shows how to display class-map information for all class maps: Router# show class-map Class Map match-any class-default (id 0) Match any Class Map match-any class-simple (id 2) Match any Class Map match-all ipp5 (id 1) Match ip precedence 5 Class Map match-all agg-2 (id 3) Router# This example shows how to display class-map information for a specific class map: Router# show class-map ipp5 Class Map match-all ipp5 (id 1) Match ip precedence 5 Router# Related Commands Command Description class-map Accesses the QoS class map configuration mode to configure QoS class maps. show policy-map Displays information about the policy map. show policy-map interface Displays the statistics and the configurations of the input and output policies that are attached to an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-679 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show counters interface show counters interface To display the information about the interface counter, use the show counters interface command. show counters interface {type mod/port} [delta] Syntax Description type Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, port-channel, pos, atm, null, tunnel, and ge-wan. mod/port Module and port number. delta (Optional) Displays the interface counters values since the last clear counters command. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The show counters interface command is not supported on SVIs. The show counters interface delta command displays a detailed list of the last-saved counter values. Examples This example shows how to display the information about the interface counter: Router# show counters interface fastethernet 5/2 64 bit counters: 0. rxHCTotalPkts = 1 1. txHCTotalPkts = 1 2. rxHCUnicastPkts = 0 3. txHCUnicastPkts = 0 4. rxHCMulticastPkts = 0 5. txHCMulticastPkts = 0 6. rxHCBroadcastPkts = 1 7. txHCBroadcastPkts = 1 8. rxHCOctets = 78 9. txHCOctets = 78 10. rxTxHCPkts64Octets = 0 11. rxTxHCPkts65to127Octets = 2 12. rxTxHCPkts128to255Octets = 0 13. rxTxHCPkts256to511Octets = 0 14. rxTxHCpkts512to1023Octets = 0 15. rxTxHCpkts1024to1518Octets = 0 16. txHCTrunkFrames = 0 17. rxHCTrunkFrames = 0 18. rxHCDropEvents = 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-680 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show counters interface 32 bit counters: 0. rxCRCAlignErrors 1. rxUndersizedPkts 2. rxOversizedPkts 3. rxFragmentPkts 4. rxJabbers 5. txCollisions 6. ifInErrors 7. ifOutErrors 8. ifInDiscards 9. ifInUnknownProtos 10. ifOutDiscards 11. txDelayExceededDiscards 12. txCRC 13. linkChange 14. wrongEncapFrames All Port Counters 1. InPackets 2. InOctets 3. InUcastPkts 4. InMcastPkts 5. InBcastPkts 6. OutPackets 7. OutOctets 8. OutUcastPkts 9. OutMcastPkts 10. OutBcastPkts 11. AlignErr 12. FCSErr 13. XmitErr 14. RcvErr 15. UnderSize 16. SingleCol 17. MultiCol 18. LateCol 19. ExcessiveCol 20. CarrierSense 21. Runts 22. Giants 23. InDiscards 24. OutDiscards 25. InErrors 26. OutErrors 27. TrunkFramesTx 28. TrunkFramesRx 29. WrongEncap 30. Broadcast_suppression_discards 31. Multicast_suppression_discards 32. Unicast_suppression_discards 33. rxTxHCPkts64Octets 34. rxTxHCPkts65to127Octets 35. rxTxHCPkts128to255Octets 36. rxTxHCPkts256to511Octets 37. rxTxHCpkts512to1023Octets 38. rxTxHCpkts1024to1518Octets 39. DropEvents 40. CRCAlignErrors 41. UndersizedPkts 42. OversizedPkts 43. FragmentPkts 44. Jabbers 45. Collisions 46. DelayExceededDiscards = = = = = = = = = = = = = = = 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = 1 78 0 0 1 1 78 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-681 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show counters interface 47. 48. 49. 50. 51. 52. 53. 54. 55. 56. 57. 58. 59. 60. 61. 62. 63. 64. 65. 66. 67. 68. bpduOutlost qos0Outlost qos1Outlost qos2Outlost qos3Outlost bpduCbicOutlost qos0CbicOutlost qos1CbicOutlost qos2CbicOutlost qos3CbicOutlost bpduInlost qos0Inlost qos1Inlost qos2Inlost qos3Inlost qos4Inlost qos5Inlost qos6Inlost qos7Inlost pqueInlost Overruns maxIndex = = = = = = = = = = = = = = = = = = = = = = 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Router# This example shows how to display the values for the interface counters since the last clear counters command: Router# show counters interface gigabitethernet5/2 delta Time since last clear --------------------1d08h 64 bit counters: 0. rxHCTotalPkts = 508473 1. txHCTotalPkts = 2366 2. rxHCUnicastPkts = 411611 3. txHCUnicastPkts = 193 4. rxHCMulticastPkts = 81868 5. txHCMulticastPkts = 2155 6. rxHCBroadcastPkts = 14994 7. txHCBroadcastPkts = 18 8. rxHCOctets = 36961992 . . . Router# Related Commands Command Description clear counters Clears the interface counters. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-682 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic show diagnostic To view the test results of the online diagnostics and list the supported test suites, use the show diagnostic command. show diagnostic bootup level show diagnostic content [module num] show diagnostic events [module num] [event-type event-type] show diagnostic {ondemand settings} show diagnostic {result [module num] [detail]} show diagnostic schedule [module num] Syntax Description bootup level Displays the coverage level for the configured boot-up diagnostics. content Displays test information including test ID, test attributes, and supported coverage test levels for each test and for all modules. module num (Optional) Specifies the module number. events Displays the event log for the diagnostic events. event-type event-type (Optional) Specifies the event type; valid values are error, info, and warning. ondemand settings Displays the settings for the ondemand diagnostics. result Displays the test results. detail (Optional) Displays the test statistics of each test. schedule Displays the current scheduled diagnostic tasks. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not enter a module num, information for all modules is displayed. In the command output, the possible testing results are as follows: • Passed (.) • Failed (F) • Unknown (U) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-683 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic Examples This example shows how to display the test suite and the monitoring interval and test attributes: Router# show diagnostic content module 1 Diagnostic Tests List for Module 1: Module 1: Diagnostics test suite attributes: M/C/* - Minimal level test / Complete level test / Not applicable B/* - Bypass bootup test / Not applicable P/* - Per port test / Not applicable D/N - Disruptive test / Non-disruptive test S/* - Only applicable to standby unit / Not applicable X/* - Not a health monitoring test / Not applicable F/* - Fixed monitoring interval test / Not applicable E/* - Always enabled monitoring test / Not applicable A/I - Monitoring is active / Monitoring is inactive Testing Interval ID Test Name Attributes (day hh:mm:ss.ms) === ================================== ========== ================= 1) TestDummy1 ----------------------> M**D****A 000 00:01:00.000 2) TestDummy2 ----------------------> M**D**FEA 000 00:02:30.000 3) TestGBICIntegrity ---------------> *BPD****I not configured 4) TestActiveToStandbyLoopback -----> M*PDS***I not configured 5) TestLoopback --------------------> M*PD****I not configured 6) TestNewLearn --------------------> M**N****I not configured 7) TestIndexLearn ------------------> M**N****I not configured 8) TestConditionalLearn ------------> M**N****I not configured 9) TestBadBpdu ---------------------> M**D****I not configured 10) TestCapture ---------------------> M**D****I not configured 11) TestProtocolMatch ---------------> M**D****I not configured 12) TestChannel ---------------------> M**D****I not configured 13) TestDontShortcut ----------------> M**Nrefer*I not configured 14) TestL3Capture2 ------------------> M**N****I not configured 15) TestL3VlanMet -------------------> M**N****I not configured 16) TestIngressSpan -----------------> M**N****I not configured 17) TestEgressSpan ------------------> M**N****I not configured 18) TestAclPermit -------------------> M**N****I not configured 19) TestAclDeny ---------------------> M**D****I not configured 20) TestNetflowInlineRewrite --------> C*PD****I not configured Router# This example shows how to display the configured boot-up diagnostic level: Router# show diagnostic bootup level Current Bootup Diagnostic Level = Complete Router# This example shows how to display the event log for the diagnostics: Router# show diagnostic events Diagnostic events (storage for 500 events, 10 events recorded) Event Type (ET):I - Info, W - Warning, E - Error Time Stamp -----------------08/26 15:51:04.335 08/26 15:51:04.335 08/26 15:51:15.511 08/26 15:51:15.511 08/26 16:15:02.247 08/26 16:15:02.247 08/26 16:15:12.683 08/26 16:15:12.683 ET -I I I I I I I I [Card] Event Message -------------------------------------------------------[1] TestIndexLearn Passed [1] Diagnostics Passed [8] TestLoopback Passed [8] Diagnostics Passed [1] TestDontLearn Passed [1] Diagnostics Passed [8] TestNetflowInlineRewrite Passed [8] Diagnostics Passed Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-684 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic 08/26 16:15:42.207 I 08/26 16:15:42.207 I Router# [2] TestActiveToStandbyLoopback Passed [2] Diagnostics Passed This example shows how to display the settings for the ondemand diagnostics: Router# show diagnostic ondemand settings Ondemand Run Iteration = 2 Ondemand Action-on-Error = CONTINUE Router# This example shows how to display the current scheduled diagnostic tasks for the specified slot: Router# show diagnostic schedule module 1 Current Time = 07:55:30 UTC Fri August 2 2002 Diagnostic for Module 1: Schedule #1: To be run on January 3 2003 23:32 Test ID(s) to be executed:1. Schedule #2: To be run daily 14:45 Test ID(s) to be executed:2. Schedule #3: To be run weekly Monday 3:33 Test ID(s) to be executed:all. Router# This example shows how to display the testing results for the specified slot: Router# show diagnostic result module 3 Current bootup diagnostic level:complete Module 3: Overall Diagnostic Result for Module 8 :PASS Diagnostic level at card bootup:complete Test results:(. = Pass, F = Fail, U = Untested) 1) TestLoopback : Port 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 ---------------------------------------------------------------------------. . . . . . . . . . . . . . . . . . . . . . . . Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 ---------------------------------------------------------------------------. . . . . . . . . . . . . . . . . . . . . . . . 2) TestNewLearn --------------------> 3) TestIndexLearn ------------------> 4) TestDontLearn -------------------> 5) TestConditionalLearn ------------> 6) TestDontLearn -------------------> . 7) TestConditionalLearn ------------> 8) TestBadBpdu ---------------------> 9) TestTrap ------------------------> 10) TestMatch -----------------------> 11) TestCapture ---------------------> . . . . . . . . . Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-685 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic 12) 13) 14) 15) 16) 17) 18) 19) 20) 21) 22) TestProtocolMatch ---------------> TestChannel ---------------------> TestIPFibShortcut ---------------> TestDontShortcut ----------------> TestL3Capture2 ------------------> TestL3VlanMet -------------------> TestIngressSpan -----------------> TestEgressSpan ------------------> TestAclPermit -------------------> TestAclDeny ---------------------> TestNetflowInlineRewrite: . . . . . . . . . . Port 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 ---------------------------------------------------------------------------. . . . . . . . . . . . . . . . . . . . . . . . Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 ---------------------------------------------------------------------------. . . . . . . . . . . . . . . . . . . . . . . . Router# This example shows how to display the detailed testing results for the specified slot: Router# show diagnostic result module 1 detail Current bootup diagnostic level:complete Module 1: Overall Diagnostic Result for Module 1 :PASS Diagnostic level at card bootup:complete Test results:(. = Pass, F = Fail, U = Untested) ___________________________________________________________________________ 1) TestDummy -----------------------> . Error code ------------------> 0 (DIAG_SUCCESS) Total run count -------------> 90 Last test execution time ----> Dec 10 2002 12:34:30 First test failure time -----> Dec 10 2002 11:57:39 Last test failure time ------> Dec 10 2002 12:34:10 Last test pass time ---------> Dec 10 2002 11:34:30 Total failure count ---------> 65 Consecutive failure count ---> 0 ___________________________________________________________________________ 2) TestLoopback: Port 1 2 ---------. . Error code ------------------> Total run count -------------> Last test execution time ----> First test failure time -----> Last test failure time ------> Last test pass time ---------> Total failure count ---------> Consecutive failure count ---> 0 (DIAG_SUCCESS) 1 Dec 10 2002 12:37:18 n/a n/a Dec 10 2002 12:37:18 0 0 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-686 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic This example shows how to display the event logs for the diagnostics: Router# show diagnostic events Diagnostic events (storage for 500 events, 10 events recorded) EventType:I - Info, W - Warning, E - Error TimeStamp 08/26 15:51:04.335 08/26 15:51:04.335 08/26 15:51:15.511 08/26 15:51:15.511 08/26 16:15:02.247 08/26 16:15:02.247 08/26 16:15:12.683 08/26 16:15:12.683 08/26 16:15:42.207 08/26 16:15:42.207 Router# Related Commands Type I I I I I I I I I I Command [Card] EventMessage [1] TestIndexLearn Passed [1] Diagnostics Passed [8] TestLoopback Passed [8] Diagnostics Passed [1] TestDontLearn Passed [1] Diagnostics Passed [8] TestNetflowInlineRewrite Passed [8] Diagnostics Passed [2] TestActiveToStandbyLoopback Passed [2] Diagnostics Passed Description diagnostic bootup level Sets the bootup diagnostic level. diagnostic cns Configures the CNS diagnostics. diagnostic event-log size Modifies the diagnostic event-log size dynamically. diagnostic monitor Configures the health-monitoring diagnostic testing. diagnostic ondemand Configures the ondemand diagnostics. diagnostic schedule test Sets the scheduling of test-based diagnostic testing for a specific module or schedules a supervisor engine switchover. diagnostic start Runs the specified diagnostic test. diagnostic stop Stops the testing process. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-687 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic cns show diagnostic cns To display the information about the CNS subject, use the show diagnostic cns command. show diagnostic cns {publish | subscribe} Syntax Description publish Displays the subject with which the diagnostic results is published. subscribe Displays the subscribed subjects. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The CNS subsystem communicates with remote network applications through the CNS-event agent and follows the publish and subscribe model. An application sets itself up to receive events by subscribing to the approprate event subject name. Examples This example shows how to display the subject with which the diagnostic results is published: Router# show diagnostic cns publish Subject: cisco.cns.device.diag_results Router# This example shows how to display the subscribed subject: Router# show diagnostic cns subscribe Subject: cisco.cns.device.diag_get_results Router# Related Commands Command Description diagnostic cns Configures the CNS diagnostics. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-688 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic sanity show diagnostic sanity To display sanity check results, use the show diagnostic sanity command. show diagnostic sanity Syntax Description This command has no arguments or keywords. Defaults If you enter this command without any arguments, it displays information for all the Gigabit Ethernet WAN interfaces in the Catalyst 6500 series switch. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The sanity check runs a set of predetermined checks on the configuration with a possible combination of certain system states to compile a list of warning conditions. The checks are designed to look for anything that seems out of place and are intended to serve as an aid to maintaining the system sanity. The following is a list of the checks that are run and the action taken when the condition is found: • Checks whether the default gateways are reachable. If so, the system stops pinging. • If a port autonegotiates to half duplex, the system flags it. Trunking Checks • If a trunk port has the mode set to on, the system flags it. • If a port is trunking and mode is auto, the system flags it. • If a trunk port is not trunking and the mode is desirable, the system flags it. • If a trunk port negotiates to half duplex, the system flags it. Channeling Checks • If a port has channeling mode set to on, the system flags it. • If a port is not channeling and the mode is set to desirable, the system flags it. • If a VLAN has a spanning-tree root of 32K (root is not set), the system flags it. Spanning-tree VLAN Checks • If a VLAN has a max age on the spanning-tree root that is different than the default, the system flags it. • If a VLAN has a fwd delay on the spanning-tree root that is different than the default, the system flags it. • If a VLAN has a fwd delay on the bridge that is different than the default, the system flags it. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-689 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic sanity • If a VLAN has a fwd delay on the bridge that is different than the default, the system flags it. • If a VLAN has a hello time on the bridge that is different than the default, the system flags it. Spanning-tree Port Checks • If a port has a port cost that is different than the default, the system flags it. • If a port has a port priority that is different than the default, the system flags it. UDLD Checks • If a port has UDLD disabled, the system flags it. • If a port had UDLD shut down, the system flags it. • If a port had a UDLD undetermined state, the system flags it. Assorted Port Checks • If a port had receive flow control disabled, the system flags it. • If a trunk port had PortFast enabled, the system flags it. • The system flags it if an inline power port has any of the following states: – denied – faulty – other – off • If a port has a native VLAN mismatch, the system flags it. • If a port has a duplex mismatch, the system flags it. Bootstring and Config Register Checks • The config register on the primary supervisor engine (and on the secondary supervisor engine if present) must be one of the following values: 0x2 , 0x102, or 0x2102. • The system verifies the bootstring on the primary supervisor engine (and on the secondary supervisor engine if present). The system displays a message if the bootstring is empty. • The system verifies that every file is specified in the bootstring. The system displays a message if the file is absent or shows up with a wrong checksum. If only device: is specified as a filename, then the system verifies that the first file is on the device. Assorted Checks • The system displays a message if IGMP snooping is disabled. • The system displays a message if any of the values of the snmp community access strings {RO,RW,RW-ALL} is the same as the default. • The system displays a message if any of the modules are in states other than “Ok.” • The system displays a message that lists all the tests that failed (displayed as an “F”) in the show test all command. • The system displays a message if *fast is not configured on the switch anywhere. • The system displays a message if there is enough room for the crashinfo file on the bootflash:. • The system displays a message if multicast routing is enabled globally but is not applied to all interfaces. • The system displays a message if IGMP snooping is disabled and RGMP is enabled. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-690 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic sanity Examples This example displays samples of the messages that could be displayed with the show diagnostic sanity command: Router# show diagnostic sanity Pinging default gateway 10.6.141.1 .... Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.6.141.1, timeout is 2 seconds: ..!!. Success rate is 0 percent (0/5) IGMP snooping disabled please enable it for optimum config. IGMP snooping disabled but RGMP enabled on the following interfaces, please enable IGMP for proper config : Vlan1, Vlan2, GigabitEthernet1/1 Multicast routing is enabled globally but not enabled on the following interfaces: GigabitEthernet1/1, GigabitEthernet1/2 A programming algorithm mismatch was found on the device bootflash: Formatting the device is recommended. The bootflash: does not have enough free space to accomodate the crashinfo file. Please check your confreg value : 0x0. Please check your confreg value on standby: 0x0. The boot string is empty. Please enter a valid boot string . Could not verify boot image "disk0:" specified in the boot string on the slave. Invalid boot image "bootflash:asdasd" specified in the boot string on the slave. Please check your boot string on the slave. UDLD has been disabled globally - port-level UDLD sanity checks are being bypassed. OR [ The following ports have UDLD disabled. Please enable UDLD for optimum config: Fa9/45 The following ports have an unknown UDLD link state. Please enable UDLD on both sides of the link: Fa9/45 ] The following ports have portfast enabled: Fa9/35, Fa9/45 The following ports have trunk mode set to on: Fa4/1, Fa4/13 The following trunks have mode set to auto: Fa4/2, Fa4/3 The following ports with mode set to desirable are not trunking: Fa4/3, Fa4/4 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-691 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic sanity The following trunk ports have negotiated to half-duplex: Fa4/3, Fa4/4 The following ports are configured for channel mode on: Fa4/1, Fa4/2, Fa4/3, Fa4/4 The following ports, not channeling are configured for channel mode desirable: Fa4/14 The following vlan(s) have a spanning tree root of 32768: 1 The following vlan(s) have max age on the spanning tree root different from the default: 1-2 The following vlan(s) have forward delay on the spanning tree root different from the default: 1-2 The following vlan(s) have hello time on the spanning tree root different from the default: 1-2 The following vlan(s) have max age on the bridge different from the default: 1-2 The following vlan(s) have fwd delay on the bridge different from the default: 1-2 The following vlan(s) have hello time on the bridge different from the default: 1-2 The following vlan(s) have a different port priority than the default on the port FastEthernet4/1 1-2 The following ports have recieve flow control disabled: Fa9/35, Fa9/45 The following inline power ports have power-deny/faulty status: Gi7/1, Gi7/2 The following ports have negotiated to half-duplex: Fa9/45 The following vlans have a duplex mismatch: Fas 9/45 The following interafaces have a native vlan mismatch: interface (native vlan - neighbor vlan) Fas 9/45 (1 - 64) The value for Community-Access on read-only operations for SNMP is the same as default. Please verify that this is the best value from a security point of view. The value for Community-Access on write-only operations for SNMP is the same as default. Please verify that this is the best value from a security point of view. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-692 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show diagnostic sanity The value for Community-Access on read-write operations for SNMP is the same as default. Please verify that this is the best value from a security point of view. Please check the status of the following modules: 8,9 Module 2 had a MINOR_ERROR. The Module 2 failed the following tests: TestIngressSpan The following ports from Module2 failed test1: 1,2,4,48 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-693 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show dot1q-tunnel show dot1q-tunnel To display a list of 802.1Q tunnel-enabled ports, use the show dot1q-tunnel command. show dot1q-tunnel [{interface interface interface-number}] Syntax Description interface interface (Optional) Specifies the interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, and port-channel. interface-number Interface number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not enter any keywords, the 802.1Q tunnel ports for all interfaces are displayed. The interface-number argument designates the module and port number for the ethernet, fastethernet, gigabitethernet, and tengigabitethernet keywords. Valid values depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. The interface-number argument designates the port-channel number for the port-channel keyword; valid values are from 1 to 282. The values from 257 to 282 are supported on the CSM and the FWSM only. Examples This example indicates that the port is up and has one 802.1Q tunnel that is configured on it: Router# show dot1q-tunnel interface port-channel 10 Interface --------Po10 Related Commands Command Description switchport mode Sets the interface type. vlan dot1q tag native Enables 802.1Q tagging for all VLANs in a trunk. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-694 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show dot1x show dot1x To display the 802.1X information, use the show dot1x command. show dot1x {interface interface interface-number} show dot1x {all | brief | summary | {statistics {interface interface interface-number}}} Syntax Description interface interface Displays the 802.1X information for the interface type; possible valid values are ethernet, fastethernet, gigabitethernet, and tengigabitethernet. interface-number Interface number; see the “Usage Guidelines” section for valid values. all Displays the 802.1X information for all interfaces. brief Displays information about the 802.1X status for all interfaces. summary Displays information about the 802.1X summary for the whole system. statistics Displays information about the 802.1X port; see the “Usage Guidelines” section for information. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When entering the show dot1x statistics command, you must enter interface interface interface-number for the command to perform correctly. If you disable 802.1X globally, the output of the show dot1x brief command displays nothing and the show dot1x summary command output displays 0 in all fields. The interface-number argument designates the module and port number for the ethernet, fastethernet, gigabitethernet, and tengigabitetherne keywords. Valid values depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to display the 802.1X information for a specific interface: Router# show dot1x interface fastethernet 5/1 Default Dot1x Configuration Exists for this interface FastEthernet5/1 AuthSM State = FORCE AUTHORIZED BendSM State = IDLE PortStatus = AUTHORIZED MaxReq = 2 MultiHosts = Disabled Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-695 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show dot1x PortControl QuietPeriod Re-authentication ReAuthPeriod ServerTimeout SuppTimeout TxPeriod = = = = = = = Force Authorized 60 Seconds Disabled 3600 Seconds 30 Seconds 30 Seconds 30 Seconds Router# This example shows how to display the 802.1X information for all interfaces: Router# show dot1x all Dot1x Info for interface FastEthernet3/2 ---------------------------------------------------AuthSM State = FORCE UNAUTHORIZED BendSM State = IDLE PortStatus = UNAUTHORIZED MaxReq = 2 MultiHosts = Disabled Port Control = Force UnAuthorized QuietPeriod = 60 Seconds Re-authentication = Disabled ReAuthPeriod = 3600 Seconds ServerTimeout = 30 Seconds SuppTimeout = 30 Seconds TxPeriod = 30 Seconds Dot1x Info for interface FastEthernet3/12 ---------------------------------------------------AuthSM State = Unknown State BendSM State = Unknown State PortStatus = UNKNOWN MaxReq = 2 MultiHosts = Disabled Port Control = Auto QuietPeriod = 60 Seconds Re-authentication = Disabled ReAuthPeriod = 3600 Seconds ServerTimeout = 30 Seconds SuppTimeout = 30 Seconds TxPeriod = 30 Seconds Guest-Vlan = 91 Router# This example shows how to display the 802.1X statistics for a port: Router# show dot1x statistics interface fastethernet3/1 PortStatistics Parameters for Dot1x -------------------------------------------TxReqId = 0 TxReq = 0 TxTotal = 0 RxStart = 0 RxLogoff = 0 RxRespId = 0 RxResp = 0 RxInvalid = 0 RxLenErr = 0 RxTotal= 0 RxVersion = 0 LastRxSrcMac 0000.0000.0000 Router# This example shows how to display a summary of 802.1X information for the whole system: Router# show dot1x summary Total Total Total Total Total number number number number number of of of of of dot1x enabled ports: FORCE_UNAUTHORIZED dot1x ports: authorized dot1x enabled ports: dot1x ports in single host mode: dot1x ports in multi host mode: 336 0 254 336 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-696 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show dot1x Total number Total number Total number Total number Total number Router# of of of of of dot1x authenticated supplicants: supplicants in AUTH_DISCONNECTED state: supplicants in AUTH_CONNECTING state: supplicants in AUTH_AUTHENTICATING state: supplicants in AUTH_HELD state: 254 0 0 0 0 This example shows how to display the status of all 802.1X-enabled ports: Router# show dot1x brief RV - Radius returned VLAN Port Supplicant MAC ----------------Fa4/1 0000.0000.0000 Fa4/2 0000.0000.0000 Fa4/3 0000.0000.0000 Fa4/4 0000.0000.0000 Fa4/5 0000.0000.0000 Fa4/6 0000.0000.0000 Fa4/7 0000.0000.0000 . . . Output truncated Fa4/35 00fe.ed00.01ba Fa4/36 00fe.ed00.01b8 Fa4/37 00fe.ed00.01e6 Fa4/38 00fe.ed00.01e4 Fa4/39 00fe.ed00.01e2 Fa4/40 00fe.ed00.01e0 Fa4/41 00fe.ed00.01de Fa4/42 00fe.ed00.01dc Router# AuthSM State -----------N/A N/A N/A N/A N/A N/A N/A BendSM State -----------N/A N/A N/A N/A N/A N/A N/A Port Status ----------N/A N/A N/A N/A N/A N/A N/A RV ---- AUTHENTICATED AUTHENTICATED AUTHENTICATED AUTHENTICATED AUTHENTICATED AUTHENTICATED AUTHENTICATED AUTHENTICATED IDLE IDLE IDLE IDLE IDLE IDLE IDLE IDLE AUTHORIZED AUTHORIZED AUTHORIZED AUTHORIZED AUTHORIZED AUTHORIZED AUTHORIZED AUTHORIZED 101 101 101 101 101 101 101 101 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-697 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show dss log show dss log To display the invalidation routes for the DSS range on the NetFlow table, use the show dss log command. show dss log {ip | ipv6} Syntax Description ip Displays the range-invalidation profile for the DSS IP. ipv6 Displays the range-invalidation profile for the DSS IPv6. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Whenever an IPv6 entry is deleted from the routing table, a message is sent to the switch processor to remove the entries that are associated to that network. Several IPv6 prefixes are collapsed to the less specific one if too many invalidations occur in a short period of time. Examples This example shows how to display the range-invalidation profile for the DSS IP: Router# show dss log 22:50:18.551 prefix 22:50:20.059 prefix 22:51:48.767 prefix 22:51:52.651 prefix 22:53:02.651 prefix 22:53:19.651 prefix Router# ip 172.20.52.18 mask 172.20.52.18 127.0.0.0 mask 255.0.0.0 172.20.52.18 mask 172.20.52.18 0.0.0.0 mask 0.0.0.0 0.0.0.0 mask 0.0.0.0 0.0.0.0 mask 0.0.0.0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-698 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show environment alarm show environment alarm To display the information about the environmental alarm, use the show environment alarm command. show environment alarm [{status | threshold} [frutype]] Syntax Description status (Optional) Displays the operational FRU status. threshold (Optional) Displays the preprogrammed alarm thresholds. frutype (Optional) Alarm type; valid values are all, backplane, clock number, earl slot, fan-tray, module slot, rp slot, power-supply number, supervisor slot, and vtt number. See the “Usage Guidelines” section for a list of valid values for number and slot. Defaults If you do not enter a frutype, all the information about the environmental alarm status is displayed. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Valid values for the frutype are as follows: • clock number—1 and 2. • earl slot—See the “Usage Guidelines” section for valid values. • module slot—See the “Usage Guidelines” section for valid values. • rp slot—See the “Usage Guidelines” section for valid values. • power-supply number—1 and 2. • supervisor slot—See the “Usage Guidelines” section for valid values. • vtt number—1 to 3. The slot argument designates the module and port number. Valid values for slot depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to display all the information about the status of the environmental alarm: Router> show environment alarm threshold environmental alarm thresholds: power-supply 1 fan-fail: OK threshold #1 for power-supply 1 fan-fail: (sensor value != 0) is system minor alarm Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-699 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show environment alarm power-supply 1 power-output-fail: OK threshold #1 for power-supply 1 power-output-fail: (sensor value != 0) is system minor alarm fantray fan operation sensor: OK threshold #1 for fantray fan operation sensor: (sensor value != 0) is system minor alarm operating clock count: 2 threshold #1 for operating clock count: (sensor value < 2) is system minor alarm threshold #2 for operating clock count: (sensor value < 1) is system major alarm operating VTT count: 3 threshold #1 for operating VTT count: (sensor value < 3) is system minor alarm threshold #2 for operating VTT count: (sensor value < 2) is system major alarm VTT 1 OK: OK threshold #1 for VTT 1 OK: (sensor value != 0) is system minor alarm VTT 2 OK: OK threshold #1 for VTT 2 OK: (sensor value != 0) is system minor alarm VTT 3 OK: OK threshold #1 for VTT 3 OK: (sensor value != 0) is system minor alarm clock 1 OK: OK threshold #1 for clock 1 OK: (sensor value != 0) is system minor alarm clock 2 OK: OK threshold #1 for clock 2 OK: (sensor value != 0) is system minor alarm module 1 power-output-fail: OK threshold #1 for module 1 power-output-fail: (sensor value != 0) is system major alarm module 1 outlet temperature: 21C threshold #1 for module 1 outlet temperature: (sensor value > 60) is system minor alarm threshold #2 for module 1 outlet temperature: (sensor value > 70) is system major alarm module 1 inlet temperature: 25C threshold #1 for module 1 inlet temperature: (sensor value > 60) is system minor alarm threshold #2 for module 1 inlet temperature: (sensor value > 70) is system major alarm module 1 device-1 temperature: 30C threshold #1 for module 1 device-1 temperature: (sensor value > 60) is system minor alarm threshold #2 for module 1 device-1 temperature: (sensor value > 70) is system major alarm module 1 device-2 temperature: 29C threshold #1 for module 1 device-2 temperature: (sensor value > 60) is system minor alarm threshold #2 for module 1 device-2 temperature: (sensor value > 70) is system major alarm module 5 power-output-fail: OK threshold #1 for module 5 power-output-fail: (sensor value != 0) is system major alarm module 5 outlet temperature: 26C threshold #1 for module 5 outlet temperature: (sensor value > 60) is system minor alarm threshold #2 for module 5 outlet temperature: (sensor value > 75) is system major alarm module 5 inlet temperature: 23C threshold #1 for module 5 inlet temperature: Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-700 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show environment alarm (sensor value > 50) is system minor alarm threshold #2 for module 5 inlet temperature: (sensor value > 65) is system major alarm EARL 1 outlet temperature: N/O threshold #1 for EARL 1 outlet temperature: (sensor value > 60) is system minor alarm threshold #2 for EARL 1 outlet temperature: (sensor value > 75) is system major alarm EARL 1 inlet temperature: N/O threshold #1 for EARL 1 inlet temperature: (sensor value > 50) is system minor alarm threshold #2 for EARL 1 inlet temperature: (sensor value > 65) is system major alarm Router> Related Commands Command Description show environment status Displays the information about the operational FRU status. show environment temperature Displays the current temperature readings. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-701 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show environment cooling show environment cooling To display the information about the cooling parameter, use the show environment cooling command. show environment cooling Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the cooling parameter: Router# show environment cooling fan-tray 1: fan-tray 1 fan-fail: failed fan-tray 2: fan 2 type: FAN-MOD-9 fan-tray 2 fan-fail: OK chassis cooling capacity: 690 cfm ambient temperature: 55C chassis per slot cooling capacity: 75 cfm module module module module module module Router# Related Commands 1 2 5 6 8 9 cooling cooling cooling cooling cooling cooling requirement: requirement: requirement: requirement: requirement: requirement: 70 70 30 70 70 30 cfm cfm cfm cfm cfm cfm Command Description hw-module fan-tray version Sets the version (high or low power) type of the fan. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-702 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show environment status show environment status To display the information about the operational FRU status, use the show environment status command. show environment status [frutype] Syntax Description frutype Defaults If you do not enter a frutype, all FRU status information is displayed. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) FRU type; see the “Usage Guidelines” section for a list of valid values. Valid values for the frutype are as follows: • all—No arguments. • backplane—No arguments. • clock number—1 and 2. • earl slot—See the “Usage Guidelines” section for valid values. • fan-tray—No arguments. • module slot—See the “Usage Guidelines” section for valid values. • power-supply number—1 and 2. • rp slot—See the “Usage Guidelines” section for valid values. • supervisor slot—See the “Usage Guidelines” section for valid values. • vtt number—1 to 3. The slot argument designates the module and port number. Valid values for slot depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to display the information about the environmental status: Router> show environment status backplane: operating clock count: 2 operating VTT count: 3 fan-tray: fantray fan operation sensor: OK Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-703 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show environment status VTT 1: VTT 1 OK: OK VTT 2: VTT 2 OK: OK VTT 3: VTT 3 OK: OK clock 1: clock 1 OK: OK, clock 1 clock-inuse: not-in-use clock 2: clock 2 OK: OK, clock 2 clock-inuse: in-use power-supply 1: power-supply 1 fan-fail: OK power-supply 1 power-output-fail: OK module 1: module 1 power-output-fail: OK module 1 outlet temperature: 21C module 1 inlet temperature: 25C module 1 device-1 temperature: 30C module 1 device-2 temperature: 29C EARL 1 outlet temperature: N/O EARL 1 inlet temperature: N/O module 5: module 5 power-output-fail: OK module 5 outlet temperature: 26C module 5 inlet temperature: 23C module 5 device-1 temperature: 26C module 5 device-2 temperature: 27C Router> This example shows how to display the information about the high-capacity power supplies: Router# show environment status power-supply 2 power-supply 2: power-supply 2 fan-fail: OK power-supply 2 power-input 1: none power-supply 2 power-input 2: AC low power-supply 2 power-input 3: AC high power-supply 2 power-output: low (mode 1) power-supply 2 power-output-fail: OK Table 2-35 describes the fields that are shown in the example. Table 2-35 show environment status Command Output Fields Field Description operating clock count Physical clock count. operating VTT count Physical VTT count. fan tray fan operation sensor System fan tray failure status. The failure of the system fan tray is indicated as a minor alarm. VTT 1, VTT2, and VTT3 Status of the chassis backplane power monitors that are located on the rear of the chassis under the rear cover. Operation of at least two VTTs is required for the system to function properly. A minor system alarm is signaled when one of the three VTTs fails. A major alarm is signaled when two or more VTTs fail and the supervisor engine is accessible through the console port. clock # clock-inuse Clock status. Failure of either clock is considered to be a minor alarm. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-704 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show environment status Table 2-35 show environment status Command Output Fields (continued) Related Commands Field Description power-supply # fan-fail Fan failure. Fan failures on either or both (if any) power supplies are considered minor alarms. power-input-fail Power input failure status (none, AC high, AC low). power-output-fail Power output failure status (high, low). outlet temperature Exhaust temperature value. inlet temperature Intake temperature value. device-1 and device-2 temperature Two devices that measure the internal temperature on each indicated module. The temperature shown indicates the temperature that the device is recording. The devices are not placed at an inlet or an exit but are additional reference points. Command Description show environment alarm Displays the information about the environmental alarm. show environment temperature Displays the current temperature readings. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-705 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show environment temperature show environment temperature To display the current temperature readings, use the show environment temperature command. show environment temperature [frutype] Syntax Description frutype Defaults If you do not enter a frutype, the module and EARL temperature readings are displayed. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) FRU type; see the “Usage Guidelines” section for a list of valid values. Valid values for the frutype are as follows: • earl slot—See the “Usage Guidelines” section for valid values. • module slot—See the “Usage Guidelines” section for valid values. • rp slot—See the “Usage Guidelines” section for valid values. • vtt number—1 to 3. • clock number—1 and 2. The slot argument designates the module and port number. Valid values for slot depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. The show environment temperature module command output includes the updated information after an SCP response is received. In the output display, the following applies: Examples • N/O means not operational—The sensor is broken, returning impossible values. • N/A means not available—The sensor value is presently not available; try again later. • VTT 1, 2, and 3 refer to the power monitors that are located on the chassis backplane under the rear cover. This example shows how to display the temperature information for a specific module: Router> show environment temperature module 5 module 5 outlet temperature: 34C module 5 inlet temperature: 27C module 5 device-1 temperature: 42C Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-706 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show environment temperature module module module module module module module Router> 5 5 5 5 5 5 5 device-2 temperature: 41C asic-1 (SSO-1) temp: 29C asic-2 (SSO-2) temp: 29C asic-3 (SSO-3) temp: 29C asic-4 (SSO-4) temp: 28C asic-5 (SSA-1) temp: 29C asic-6 (HYPERION-1) temp: 29C This example shows how to display the temperature readings for all modules: Router> show environment temperature VTT 1 outlet temperature: 25C VTT 2 outlet temperature: 24C VTT 3 outlet temperature: 28C module 1 outlet temperature: 24C module 1 device-2 temperature: 29C RP 1 outlet temperature: 25C RP 1 inlet temperature: 29C EARL 1 outlet temperature: 25C EARL 1 inlet temperature: 22C module 5 outlet temperature: 27C module 5 inlet temperature: 22C Router# Table 2-36 describes the fields that are shown in the example. Table 2-36 show environment temperature Command Output Fields Related Commands Field Description outlet temperature Exhaust temperature value. inlet temperature Intake temperature value. device-1 and device-2 temperature Two devices that measure the internal temperature on the indicated module. The temperature shown indicates the temperature that the device is recording. The devices are not placed at an inlet or an exit but are additional reference points. Command Description show environment alarm Displays the information about the environmental alarm. show environment status Displays the information about the operational FRU status. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-707 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show eobc show eobc To display the information about the EOBC interface, use the show eobc command. show eobc Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the EOBC interface: Router> show eobc EOBC0/0 is up, line protocol is up Hardware is DEC21143, address is 0000.2100.0000 (bia 0000.2100.0000) MTU 0 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not set Unknown duplex, Unknown Speed, MII ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output 00:00:00, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 25/2147483647, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 172196 packets input, 11912131 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 0 multicast 0 input packets with dribble condition detected 172144 packets output, 11363476 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Interface EOBC0/0 Hardware is DEC21143 dec21140_ds=0x618FB938, registers=0x3C018000, ib=0x38A9180 rx ring entries=128, tx ring entries=256, af setup failed=0 rxring=0x38A9280, rxr shadow=0x618FBB20, rx_head=28, rx_tail=0 txring=0x38A9AC0, txr shadow=0x618FBD4C, tx_head=72, tx_tail=72, tx_count=0 PHY link up CSR0=0xF8024882, CSR1=0xFFFFFFFF, CSR2=0xFFFFFFFF, CSR3=0x38A9280 CSR4=0x38A9AC0, CSR5=0xF0660000, CSR6=0x320CA002, CSR7=0xF3FFA261 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-708 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show eobc CSR8=0xE0000000, CSR9=0xFFFDC3FF, CSR10=0xFFFFFFFF, CSR11=0x0 CSR12=0xC6, CSR13=0xFFFF0000, CSR14=0xFFFFFFFF, CSR15=0x8FF80000 DEC21143 PCI registers: bus_no=0, device_no=6 CFID=0x00191011, CFCS=0x02800006, CFRV=0x02000041, CFLT=0x0000FF00 CBIO=0x20000801, CBMA=0x48018000, CFIT=0x28140120, CFDD=0x00000400 MII registers: Register 0x00: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF Register 0x08: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF Register 0x10: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF Register 0x18: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF throttled=0, enabled=0, disabled=0 rx_fifo_overflow=0, rx_no_enp=0, rx_discard=0 tx_underrun_err=0, tx_jabber_timeout=0, tx_carrier_loss=0 tx_no_carrier=0, tx_late_collision=0, tx_excess_coll=0 tx_collision_cnt=0, tx_deferred=0, fatal_tx_err=0, tbl_overflow=0 HW addr filter: 0x38D2EE0, ISL Disabled Entry= 0: Addr=0000.0000.0000 Entry= 1: Addr=0000.0000.0000 Entry= 2: Addr=0000.0000.0000 Entry= 3: Addr=0000.0000.0000 Entry= 4: Addr=0000.0000.0000 Entry= 5: Addr=0000.0000.0000 Entry= 6: Addr=0000.0000.0000 Entry= 7: Addr=0000.0000.0000 Entry= 8: Addr=0000.0000.0000 Entry= 9: Addr=0000.0000.0000 Entry=10: Addr=0000.0000.0000 Entry=11: Addr=0000.0000.0000 Entry=12: Addr=0000.0000.0000 Entry=13: Addr=0000.0000.0000 Entry=14: Addr=0000.0000.0000 Entry=15: Addr=0000.2100.0000 Router> This example shows how to display the information about the EOBC interface but excludes lines that contain the word output: Router> show eobc | exclude output EOBC0/0 is up, line protocol is up Hardware is DEC21143, address is 0000.2100.0000 (bia 0000.2100.0000) MTU 0 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not set Unknown duplex, Unknown Speed, MII ARP type: ARPA, ARP Timeout 04:00:00 Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 25/2147483647, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 175919 packets input, 12196443 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 0 multicast 0 input packets with dribble condition detected 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier Interface EOBC0/0 Hardware is DEC21143 dec21140_ds=0x618FB938, registers=0x3C018000, ib=0x38A9180 rx ring entries=128, tx ring entries=256, af setup failed=0 rxring=0x38A9280, rxr shadow=0x618FBB20, rx_head=7, rx_tail=0 txring=0x38A9AC0, txr shadow=0x618FBD4C, tx_head=209, tx_tail=209, tx_count=0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-709 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show eobc PHY link up CSR0=0xF8024882, CSR1=0xFFFFFFFF, CSR2=0xFFFFFFFF, CSR3=0x38A9280 CSR4=0x38A9AC0, CSR5=0xF0660000, CSR6=0x320CA002, CSR7=0xF3FFA261 CSR8=0xE0000000, CSR9=0xFFFDC3FF, CSR10=0xFFFFFFFF, CSR11=0x0 CSR12=0xC6, CSR13=0xFFFF0000, CSR14=0xFFFFFFFF, CSR15=0x8FF80000 DEC21143 PCI registers: bus_no=0, device_no=6 CFID=0x00191011, CFCS=0x02800006, CFRV=0x02000041, CFLT=0x0000FF00 CBIO=0x20000801, CBMA=0x48018000, CFIT=0x28140120, CFDD=0x00000400 MII registers: Register 0x00: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF Register 0x08: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF Register 0x10: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF Register 0x18: FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF throttled=0, enabled=0, disabled=0 rx_fifo_overflow=0, rx_no_enp=0, rx_discard=0 tx_underrun_err=0, tx_jabber_timeout=0, tx_carrier_loss=0 tx_no_carrier=0, tx_late_collision=0, tx_excess_coll=0 tx_collision_cnt=0, tx_deferred=0, fatal_tx_err=0, tbl_overflow=0 HW addr filter: 0x38D2EE0, ISL Disabled Entry= 0: Addr=0000.0000.0000 Entry= 1: Addr=0000.0000.0000 Entry= 2: Addr=0000.0000.0000 Entry= 3: Addr=0000.0000.0000 Entry= 4: Addr=0000.0000.0000 Entry= 5: Addr=0000.0000.0000 Entry= 6: Addr=0000.0000.0000 Entry= 7: Addr=0000.0000.0000 Entry= 8: Addr=0000.0000.0000 Entry= 9: Addr=0000.0000.0000 Entry=10: Addr=0000.0000.0000 Entry=11: Addr=0000.0000.0000 Entry=12: Addr=0000.0000.0000 Entry=13: Addr=0000.0000.0000 Entry=14: Addr=0000.0000.0000 Entry=15: Addr=0000.2100.0000 Router> Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-710 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show erm statistics show erm statistics To display the FIB TCAM exception status for IPv4, IPv6, and MPLS protocols, use the show erm statistics command. show erm statistics Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The IPv4, IPv6, and MPLS exception state displays FALSE when the protocol is not under the exception or displays TRUE when the protocol is under the exception. Examples This example shows how to display the FIB TCAM exception status for IPv4, IPv6, and MPLS protocols: Router> show erm statistics #IPv4 excep notified = 0 #IPv6 excep notified = 0 #MPLS excep notified = 0 #IPv4 reloads done = 0 #IPv6 reloads done = 0 #MPLS reloads done = 0 Current IPv4 excep state = FALSE Current IPv6 excep state = FALSE Current MPLS excep state = FALSE #Timer expired = 0 #of erm msgs = 1 Router> Related Commands Command Description mls erm priority Assigns the priorities to define an order in which protocols attempt to recover from the exception status. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-711 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show errdisable detect show errdisable detect To display the error-disable detection status, use the show errdisable detect command. show errdisable detect Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the error-disable detection status: Router# show errdisable detect ErrDisable Reason Detection status -------------------------------udld Enabled bpduguard Enabled rootguard Enabled packet-buffer-err Enabled pagp-flap Enabled dtp-flap Enabled link-flap Enabled Router# Related Commands Command Description errdisable detect cause Enables the error-disable detection. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-712 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show errdisable flap-value show errdisable flap-value To display the flap values for error-disable detection, use the show errdisable flap-value command. show errdisable flap-value Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the flap values for error-disable detection: Router# show errdisable flap-value ErrDisable Reason Flaps Time (sec) ------------------------------pagp-flap 3 30 dtp-flap 3 30 link-flap 5 10 Router#Router# Related Commands Command Description errdisable detect cause Enables the error-disable detection. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-713 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show errdisable recovery show errdisable recovery To display the information about the error-disable recovery timer, use the show errdisable recovery command. show errdisable recovery Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the error-disable recovery timer: Router# show errdisable recovery ErrDisable Reason Timer Status -----------------------------udld Enabled bpduguard Enabled rootguard Enabled pagp-flap Enabled dtp-flap Enabled link-flap Enabled Timer interval:300 seconds Interfaces that will be enabled at the next timeout: Interface --------Fa9/4 Related Commands Errdisable reason ----------------link-flap Time left(sec) -------------279 Command Description errdisable recovery Configures the recovery mechanism variables. show interfaces status Displays the interface status or a list of interfaces in an error-disabled state on LAN ports only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-714 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show etherchannel show etherchannel To display the EtherChannel information for a channel, use the show etherchannel command. show etherchannel [channel-group] {port-channel | brief | detail | summary | port | load-balance | protocol} Syntax Description channel-group (Optional) Number of the channel group; valid values are a maximum of 64 values from 1 to 282. port-channel Displays the port-channel information. brief Displays a summary of EtherChannel information. detail Displays the detailed EtherChannel information. summary Displays a one-line summary per channel group. port Displays the EtherChannel port information. load-balance Displays load-balance information. protocol Displays the enabled protocol. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not specify a channel-group, all channel groups are displayed. The channel-group values that are from 257 to 282 are supported on the CSM and the FWSM only. In the output, the Passive port list field is displayed for Layer 3 port channels only. This field means that the physical interface, which is still not up, is configured to be in the channel group (and indirectly is the only port channel in the channel group). In the show etherchannel protocol output, if the interface is configured as part of the channel in mode ON, the command displays Protocol: - (Mode ON). In the output of the show etherchannel summary command, the following guidelines apply: • In the column that displays the protocol that is used for the channel, if the channel mode is ON, a hyphen (-) is displayed. • Multiple aggregators are supported for LACP. For example, if two different bundles are created, Po1 indicates the primary aggregator, and Po1A and Po1B indicate the secondary aggregators. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-715 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show etherchannel In the output of the show etherchannel load-balance command, the following guidelines apply: Examples • For EtherChannel load balancing of IPv6 traffic, if the traffic is bridged onto an EtherChannel (for example, it is a Layer 2 channel and traffic in the same VLAN is bridged across it), the traffic is always load balanced by the IPv6 addresses or either src, dest, or src-dest, depending on the configuration. For this reason, the switch ignores the MAC/IP/ports for bridged IPv6 traffic. If you configure src-dst-mac, the src-dst-ip(v6) address is used. If you configure src-mac, the src-ip(v6) address is used. • IPv6 traffic that is routed over a Layer 2 or a Layer 3 channel is load balanced based on MAC addresses or IPv6 addresses, depending on the configuration. The MAC/IP and the src/dst/src-dst are supported, but load balancing that is based on Layer 4 ports is not supported. If you use the port keyword, the IPv6 addresses, src, dst, or src-dst are used. This example shows how to display the port-channel information for a specific group: Router# show etherchannel 12 port-channel Group: 12 ---------Port-channels in the group: ---------------------Port-channel: Po1 -----------Age of the Port-channel = 143h:01m:12s Logical slot/port = 14/1 Number of ports = 2 GC = HotStandBy port = null Port state = Port-channel Ag-Inuse Protocol = LACP Ports in the Port-channel: Index Load Port EC state ------+------+------+-----------0 55 Fa4/1 active 1 AA Fa4/2 active Time since last port bundled: 16h:28m:58s Time since last port Un-bundled: 16h:29m:00s Router# Fa4/1 Fa4/4 This example shows how to display the load-balancing information: Router# show etherchannel load-balance EtherChannel Load-Balancing Configuration: dst-mac mpls label-ip EtherChannel Load-Balancing Addresses Used Per-Protocol: Non-IP: Destination MAC address IPv4: Destination MAC address IPv6: Destination MAC address (routed packets) Destination IP address (bridged packets) MPLS: Label or IP Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-716 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show etherchannel This example shows how to display a summary of information for a specific group: Router# show etherchannel 1 brief Group: 1 ---------Group state = L2 Ports: 4 Maxports = 8 Port-channels: 1 Max Port-channels = 1 Protocol: LACP Router# This example shows how to display the detailed information for a specific group: Router# show etherchannel 12 detail Group state = L2 Ports: 1 Maxports = 8 Port-channels: 1 Max Port-channels = 1 Protocol: PAgP Ports in the group: ------------------Port: Fa5/2 -----------Port state Channel group Port-channel 2 Port index Flags: = Down Not-in-Bndl = 12 Mode = Desirable-Sl = null GC = 0x00000000 = 0 Load = 0x00 Gcchange = 0 Pseudo port-channel = Po1 Protocol = PAgP S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs A - Device is in active mode P - Device is in passive mode Local information: Port Fa4/1 Flags SA LACP Port Priority 32768 State bndl Admin Key 100 Oper Key 100 Port Number 0xc1 Port State 0x75 Partner’s information: Port Fa4/1 Partner System ID 8000,00b0.c23e.d861 LACP Partner Port Priority 32768 Partner Port Number 0x81 Partner Oper Key 128 Age 14s Partner Flags SP Partner Port State 0x81 Age of the port in the current state: 16h:27m:42s Port-channels in the group: ---------------------Port-channel: Po12 -----------Age of the Port-channel = 04d:02h:52m:26s Logical slot/port = 14/1 Number of ports = 0 GC = 0x00000000 HotStandBy port = null Port state = Port-channel Ag-Not-Inuse Protocol = PAgP Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-717 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show etherchannel This example shows how to display a one-line summary per channel group: Router# show etherchannel summary Flags: D - down P - in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only) R - Layer3 S - Layer2 U - in use f - failed to allocate aggregator Number of channel-groups in use: 2 Number of aggregators: 2 Group Port-channel Protocol Ports ------+-------------+-----------+----------------------------------------------12 Po12(SD) PAgP Fa5/2(D) 24 Po24(RD) Router# This example shows how to display the information about the EtherChannel port for a specific group: Router# show etherchannel 1 port Channel-group listing: ----------------------Group: 1 ---------Ports in the group: ------------------Port: Fa5/4 -----------Port state = EC-Enbld Down Not-in-Bndl Usr-Config Channel group = 1 Mode = Desirable Gcchange = 0 Port-channel = null GC = 0x00000000 Psudo-agport = Po1 Port index = 0 Load = 0x00 Protocol = LACP Flags: S - Device is sending Slow LACPDUs F - Device is sending fast LACPDUs A - Device is in active mode P - Device is in passive mode Local information: Port Fa5/4 Flags SA LACP Port Priority 32768 State bndl Admin Key 100 Oper Key 100 Port Number 0xc1 Port State 0x75 Partner’s information: Port Fa5/4 Partner System ID 8000,00b0.c23e.d861 LACP Partner Port Priority 32768 Partner Port Number 0x81 Partner Oper Key 128 Age 14s Partner Flags SP Partner Port State 0x81 Age of the port in the current state: 04d:02h:57m:38s Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-718 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show etherchannel This example shows how to display the protocol that was enabled: Router# show etherchannel protocol Channel-group listing: ----------------------Group: 12 ---------Protocol: PAgP Group: 24 ---------Protocol: Router# Related Commands - (Mode ON) Command Description channel-group Assigns and configures an EtherChannel interface to an EtherChannel group. channel-protocol Sets the protocol that is used on an interface to manage channeling. interface port-channel Creates a port-channel virtual interface and enters interface configuration mode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-719 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm features show fm features To display the information about the feature manager, use the show fm features command. show fm features Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the feature manager: Router> show fm features Designated PISA:1 Non-designated PISA:1 Redundancy Status:designated Interface:FastEthernet2/10 IP is enabled hw[EGRESS] = 1, hw[INGRESS] = 1 hw_force_default[EGRESS] = 0, hw_force_default[INGRESS] = 0 mcast = 0 priority = 2 reflexive = 0 inbound label:1 protocol:ip feature #:1 feature id:FM_IP_ACCESS ACL:106 outbound label:2 protocol:ip feature #:1 feature id:FM_IP_ACCESS ACL:106 Interface:FastEthernet2/26 IP is enabled hw[EGRESS] = 1, hw[INGRESS] = 0 hw_force_default[EGRESS] = 0, hw_force_default[INGRESS] = 1 mcast = 0 priority = 2 reflexive = 0 inbound label:24 protocol:ip feature #:1 feature id:FM_IP_ACCESS ACL:113 outbound label:3 protocol:ip feature #:1 feature Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-720 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm features id:FM_IP_WCCP Service ID:0 Service Type:0 Interface:Vlan55 IP is enabled hw[EGRESS] = 1, hw[INGRESS] = 1 hw_force_default[EGRESS] = 0, hw_force_default[INGRESS] = 0 mcast = 0 priority = 2 reflexive = 0 inbound label:4 protocol:ip feature #:1 feature id:FM_IP_ACCESS ACL:111 Interface:Vlan101 IP is enabled hw[EGRESS] = 1, hw[INGRESS] = 1 hw_force_default[EGRESS] = 0, hw_force_default[INGRESS] = 0 mcast = 0 priority = 2 reflexive = 0 inbound label:5 protocol:ip feature #:1 feature id:FM_IP_ACCESS ACL:101 outbound label:6 protocol:ip feature #:1 feature id:FM_IP_ACCESS ACL:101 Router> This example shows how to display the lines of feature manager information starting with the line that begins with Redundancy: Router> show fm features | begin Redundancy Redundancy Status: designated Router> Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-721 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm inband-counters show fm inband-counters To display the number of inband packets that are sent by the PISA for SLB and WCCP, use the show fm inband-counters command. show fm inband-counters Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The output display for the show fm inband-counters command includes the number of SLB inband packets that are sent by the PISA and the number of WCCP inband packets that are sent by the PISA. If CBAC is configured, the command output displays the number of packets that are sent for CBAC by the PISA. Examples This example shows how to display the number of SLB and WCCP inband packets that are sent by the PISA: Router# show fm inband-counters Inband Packets Sent Slot WCCP SLB 1 0 0 2 0 0 3 0 0 4 0 0 5 0 0 6 0 0 7 0 0 8 0 0 9 0 0 10 0 0 11 0 0 12 0 0 13 0 0 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-722 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm insp show fm insp To display the list and status of the ACLs and ports on which CBAC is configured, use the show fm insp command. show fm insp [detail] Syntax Description detail Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Displays all of the flow information. If you can configure a VACL on the port before you configure CBAC, the status displayed is INACTIVE; otherwise, it is ACTIVE. If PFC resources are exhausted, the command displays BRIDGE and is followed by the number of failed currently active NetFlow requests that have been sent to the PISA for processing. The show fm insp command output includes this information: • interface:—Interface on which the IP inspect feature is enabled • (direction)—Direction in which the IP inspect feature is enabled (IN or OUT) • acl name:—Name that is used to identify packets that are being inspected • status:—(ACTIVE or INACTIVE) displays if HW-assist is provided for this interface+direction (ACTIVE=hardware assisted or INACTIVE) The optional detail keyword displays the ACEs that are part of the ACL that is used for IP inspect on the given interface direction. Examples This example shows how to display the list and status of CBAC-configured ACLs and ports: Router> show fm insp interface:Vlan305(in) status :ACTIVE acl name:deny interfaces: Vlan305(out):status ACTIVE Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-723 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm interface show fm interface To display the detailed information about the feature manager on a per-interface basis, use the show fm interface command. show fm interface {{interface interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id}} Syntax Description interface Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. null interface-number Specifies the null interface; the valid value is 0. port-channel number Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 282. vlan vlan-id Specifies the VLAN; valid values are from 1 to 4094. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. The port-channel number values from 257 to 282 are supported on the CSM and the FWSM only. Examples This example shows how to display the detailed information about the feature manager on a specified interface: Router# show fm interface fastethernet 2/26 Interface:FastEthernet2/26 IP is enabled hw[EGRESS] = 1, hw[INGRESS] = 0 hw_force_default[EGRESS] = 0, hw_force_default[INGRESS] = 1 mcast = 0 priority = 2 reflexive = 0 inbound label:24 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-724 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm interface protocol:ip feature #:1 feature id:FM_IP_ACCESS ACL:113 vmr IP value #1:0, 0, 0, 0, 0, 0, 0, 6 - 1 vmr IP mask #1:0, 0, FFFF, FFFF, 0, 0, 0, FF vmr IP value #2:642D4122, 0, 0, 0, 1, 0, 0, 6 - 1 vmr IP mask #2:FFFFFFFF, 0, 0, 0, 1, 0, 0, FF vmr IP value #3:0, 64020302, 0, 0, 6, 0, 0, 6 - 1 vmr IP mask #3:0, FFFFFFFF, 0, 0, 6, 0, 0, FF vmr IP value #4:0, 64020302, 0, 0, A, 0, 0, 6 - 1 vmr IP mask #4:0, FFFFFFFF, 0, 0, A, 0, 0, FF vmr IP value #5:0, 64020302, 0, 0, 12, 0, 0, 6 - 1 vmr IP mask #5:0, FFFFFFFF, 0, 0, 12, 0, 0, FF vmr IP value #6:0, 0, 0, 0, 0, 0, 0, 0 - 2 vmr IP mask #6:0, 0, 0, 0, 0, 0, 0, 0 outbound label:3 protocol:ip feature #:1 feature id:FM_IP_WCCP Service ID:0 Service Type:0 Router# This example shows how to display the detailed information about the feature manager on a specific VLAN: Router# show fm interface vlan 21 Interface: Vlan21 IP is disabled hw_state[INGRESS] = not reduced, hw_state[EGRESS] = not reduced mcast = 0 priority = 0 flags = 0x0 inbound label: 8 Feature IP_VACL: ----------------------------------------------------------------------------FM_FEATURE_IP_VACL_INGRESS i/f: Vl21 map name: test ============================================================================= -----------------------------------------------------------IP Seq. No: 10 Seq. Result : VACL_ACTION_FORWARD_CAPTURE -----------------------------------------------------------DPort - Destination Port SPort - Source Port Pro - Protocol X - XTAG TOS - TOS Value Res - VMR Result RFM - R-Recirc. Flag MRTNP - M-Multicast Flag R - Reflexive flag - F-Fragment flag - T-Tcp Control N - Non-cachable - M-More Fragments - P-Mask Priority(H-High, L-Low) Adj. - Adj. Index T - M(Mask)/V(Value) FM - Flow Mask NULL - Null FM SAO - Source Only FM DAO - Dest. Only FM SADA - Sour.& Dest. Only VSADA - Vlan SADA Only FF - Full Flow VFF - Vlan Full Flow F-VFF - Either FF or VFF A-VSD - Atleast VSADA A-FF - Atleast FF A-VFF - Atleast VFF A-SON - Atleast SAO A-DON - Atleast DAO A-SD - Atleast SADA SHORT - Shortest A-SFF - Any short than FF A-EFF - Any except FF A-EVFF- Any except VFF A-LVFF- Any less than VFF ERR - Flowmask Error +----+-+---------------+---------------+-----+-----+---+---+-+---+-----+----+------+ |Indx|T| Dest Ip Addr | Source Ip Addr|DPort|SPort|Pro|RFM|X|ToS|MRTNP|Adj.| FM | +----+-+---------------+---------------+-----+-----+---+---+-+---+-----+----+------+ 1 V 22.2.2.2 21.1.1.1 0 0 0 --- 0 0 ----L ---- SHORT M 255.255.255.255 255.255.255.255 0 0 0 000 0 0 TM_PERMIT_RESULT 2 V 32.2.2.2 31.1.1.1 0 0 0 --- 0 0 ----L ---- SHORT M 255.255.255.255 255.255.255.255 0 0 0 000 0 0 TM_PERMIT_RESULT 3 V 0.0.0.0 0.0.0.0 0 0 0 --- 0 0 ----L ---- SHORT Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-725 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm interface M 0.0.0.0 0.0.0.0 0 0 0 000 0 0 TM_L3_DENY_RESULT -----------------------------------------------------------IP Seq. No: 65536 Seq. Result : VACL_ACTION_DROP -----------------------------------------------------------+----+-+---------------+---------------+-----+-----+---+---+-+---+-----+----+------+ |Indx|T| Dest Ip Addr | Source Ip Addr|DPort|SPort|Pro|RFM|X|ToS|MRTNP|Adj.| FM | +----+-+---------------+---------------+-----+-----+---+---+-+---+-----+----+------+ 1 V 0.0.0.0 0.0.0.0 0 0 0 --- 0 0 ----L ---- SHORT M 0.0.0.0 0.0.0.0 0 0 0 000 0 0 TM_PERMIT_RESULT Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-726 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm ipv6 traffic-filter show fm ipv6 traffic-filter To display the IPv6 information, use the show fm ipv6 traffic-filter command. show fm ipv6 traffic-filter {all | {interface interface interface-number}} Syntax Description all Displays IPv6 traffic filter information for all interfaces. interface interface Displays IPv6 traffic filter information for the specifed interface; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to display the IPv6 information for a specific interface: Router# show fm ipv6 traffic-filter interface vlan 50 ----------------------------------------------------------------------------FM_FEATURE_IPV6_ACG_INGRESS Name:testipv6 i/f: Vlan50 ============================================================================= DPort - Destination Port SPort - Source Port Pro - Protocol X - XTAG TOS - TOS Value Res - VMR Result RFM - R-Recirc. Flag MRTNP - M-Multicast Flag R - Reflexive flag - F-Fragment flag - T-Tcp Control N - Non-cachable - M-More Fragments - P-Mask Priority(H-High, L-Low) Adj. - Adj. Index T - M(Mask)/V(Value) FM - Flow Mask NULL - Null FM SAO - Source Only FM DAO - Dest. Only FM SADA - Sour.& Dest. Only VSADA - Vlan SADA Only FF - Full Flow VFF - Vlan Full Flow F-VFF - Either FF or VFF A-VSD - Atleast VSADA A-FF - Atleast FF A-VFF - Atleast VFF A-SON - Atleast SAO A-DON - Atleast DAO A-SD - Atleast SADA SHORT - Shortest A-SFF - Any short than FF A-EFF - Any except FF A-EVFF- Any except VFF A-LVFF- Any less than VFF ERR - Flowmask Error Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-727 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm ipv6 traffic-filter +----+-+----------------------------------------+----------------------------------------+ ---+---+-+-----+----+------+ |Indx|T| Dest IPv6 Addr | Source IPv6 Addr |Pro|RFM|X|MRTNP|Adj.| FM | +----+-+----------------------------------------+----------------------------------------+ ---+---+-+-----+----+------+ 1 V 0:200E:: 200D::1 0 -F- - ----L ---- Shorte M 0:FFFF:FFFF:FFFF:FFFF:: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 0 1 TM_SOFT_BRIDGE_RESULT 2 V 0:200E:: 200D::1 17 --- - ----L ---- Shorte M 0:FFFF:FFFF:FFFF:FFFF:: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 255 0 TM_PERMIT_RESULT 3 V 200E:: 200D::1 0 -F- - ----L ---- Shorte M FFFF:FFFF:FFFF:FFFF:: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 0 1 TM_SOFT_BRIDGE_RESULT 4 V 200E:: 200D::1 17 --- - ----L ---- Shorte M FFFF:FFFF:FFFF:FFFF:: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 255 0 TM_PERMIT_RESULT 5 V :: :: 0 -F- - ----L ---- Shorte M :: :: 0 1 TM_SOFT_BRIDGE_RESULT 6 V :: :: 0 -F- - ----L ---- Shorte M :: :: 0 1 TM_SOFT_BRIDGE_RESULT 7 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 8 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 9 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 10 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 11 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 12 V :: :: 58 --- - ----L ---- Shorte M Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-728 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm ipv6 traffic-filter :: :: 255 0 TM_PERMIT_RESULT 13 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 14 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 15 V :: :: 0 --- - ----L ---- Shorte M :: :: 0 0 TM_L3_DENY_RESULT Router# This example shows how to display the IPv6 information for all interfaces: Router# show fm ipv6 traffic-filter all ----------------------------------------------------------------------------FM_FEATURE_IPV6_ACG_INGRESS Name:testipv6 i/f: Vlan50 ============================================================================= DPort - Destination Port SPort - Source Port Pro - Protocol X - XTAG TOS - TOS Value Res - VMR Result RFM - R-Recirc. Flag MRTNP - M-Multicast Flag R - Reflexive flag - F-Fragment flag - T-Tcp Control N - Non-cachable - M-More Fragments - P-Mask Priority(H-High, L-Low) Adj. - Adj. Index T - M(Mask)/V(Value) FM - Flow Mask NULL - Null FM SAO - Source Only FM DAO - Dest. Only FM SADA - Sour.& Dest. Only VSADA - Vlan SADA Only FF - Full Flow VFF - Vlan Full Flow F-VFF - Either FF or VFF A-VSD - Atleast VSADA A-FF - Atleast FF A-VFF - Atleast VFF A-SON - Atleast SAO A-DON - Atleast DAO A-SD - Atleast SADA SHORT - Shortest A-SFF - Any short than FF A-EFF - Any except FF A-EVFF- Any except VFF A-LVFF- Any less than VFF ERR - Flowmask Error +----+-+----------------------------------------+----------------------------------------+ ---+---+-+-----+----+------+ |Indx|T| Dest IPv6 Addr | Source IPv6 Addr |Pro|RFM|X|MRTNP|Adj.| FM | +----+-+----------------------------------------+----------------------------------------+ ---+---+-+-----+----+------+ 1 V 0:200E:: 200D::1 0 -F- - ----L ---- Shorte M 0:FFFF:FFFF:FFFF:FFFF:: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 0 1 TM_SOFT_BRIDGE_RESULT 2 V 0:200E:: 200D::1 17 --- - ----L ---- Shorte M 0:FFFF:FFFF:FFFF:FFFF:: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 255 0 TM_PERMIT_RESULT 3 V 200E:: 200D::1 0 -F- - ----L ---- Shorte M FFFF:FFFF:FFFF:FFFF:: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 0 1 TM_SOFT_BRIDGE_RESULT 4 V 200E:: 200D::1 17 --- - ----L ---- Shorte M FFFF:FFFF:FFFF:FFFF:: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF 255 0 TM_PERMIT_RESULT Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-729 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm ipv6 traffic-filter 5 V :: :: 0 -F- - ----L ---- Shorte M :: :: 0 1 TM_SOFT_BRIDGE_RESULT 6 V :: :: 0 -F- - ----L ---- Shorte M :: :: 0 1 TM_SOFT_BRIDGE_RESULT 7 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 8 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 9 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 TM_PERMIT_RESULT 10 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 13 V :: :: 58 --- - ----L ---- Shorte M :: :: 255 0 . . Output is truncated . Interface(s) using this IPv6 Ingress Traffic Filter: Vl50, Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-730 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm nat netflow data show fm nat netflow data To display the information about the NAT-related NetFlow data, use the show fm nat netflow data command. show fm nat netflow data Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the NAT-related NetFlow data: Router> show fm nat netflow data FM Pattern with stat push disabled: 1 Default/TCP/UDP Timeouts: Def s/w timeout: 86400 h/w timeout: 300 Pattern(ingress): 4 Pattern(egress): 4 Push interval: 1333 TCP s/w timeout: 86400 h/w timeout: 300 Pattern(ingress): 4 Pattern(egress): 4 Push interval: 1333 UDP s/w timeout: 300 h/w timeout: 300 Pattern(ingress): 3 Pattern(egress): 3 Push interval: 100 Port Timeouts: Idle timeout :3600 secs Fin/Rst timeout :10 secs Fin/Rst Inband packets sent per timeout :10000 Netflow mode to Zero-out Layer4 information for fragment packet lookup : Enabled Router> Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-731 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm reflexive show fm reflexive To display the information about the reflexive entry for the dynamic feature manager, use the show fm reflexive command. show fm reflexive Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the reflexive entry for the dynamic feature manager: Router# show fm reflexive Reflexive hash table: Vlan613:refacl, OUT-REF, 64060E0A, 64060D0A, 0, 0, 7, 783, 6 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-732 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm summary show fm summary To display a summary of feature manager information, use the show fm summary command. show fm summary Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display a summary of feature manager information: Router# show fm summary Current global ACL merge algorithm:BDD Interface:FastEthernet2/10 ACL merge algorithm used: inbound direction: ODM outbound direction:BDD TCAM screening for features is ACTIVE outbound TCAM screening for features is ACTIVE inbound Interface:FastEthernet2/26 ACL merge algorithm used: inbound direction: ODM outbound direction:BDD TCAM screening for features is ACTIVE outbound TCAM screening for features is INACTIVE inbound . . . Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-733 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm vlan show fm vlan To display the information about the per-VLAN feature manager, use the show fm vlan command. show fm vlan vlan-id Syntax Description vlan-id Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples VLAN ID; valid values are from 1 to 4094. This example shows how to display the information about the per-VLAN feature manager: Router# show fm vlan 1 hw[EGRESS] = 1, hw[INGRESS] = 1 hw_force_default[EGRESS] = 0, hw_force_default[INGRESS] = 0 mcast = 0 priority = 2 reflexive = 0 vacc_map : map1 inbound label: 5 merge_err: 0 protocol: ip feature #: 1 feature id: FM_VACL map_name: map1 seq #: 10 (only for IP_PROT) DestAddr SrcAddr Dpt Spt L4OP TOS Est prot Rslt vmr IP value # 1: 0.0.0.0 0.0.0.0 0 0 0 0 0 6 permit vmr IP mask # 1: 0.0.0.0 0.0.0.0 0 0 0 0 0 FF vmr IP value # 2: 0.0.0.0 0.0.0.0 0 0 0 0 0 11 permit vmr IP mask # 2: 0.0.0.0 0.0.0.0 0 0 0 0 0 FF vmr IP value # 3: 0.0.0.0 0.0.0.0 0 0 0 0 0 0 deny vmr IP mask # 3: 0.0.0.0 0.0.0.0 0 0 0 0 0 0 seq #: 65536 (only for IP_PROT) DestAddr SrcAddr Dpt Spt L4OP TOS Est prot Rslt vmr IP value # 1: 0.0.0.0 0.0.0.0 0 0 0 0 0 0 permit vmr IP mask # 1: 0.0.0.0 0.0.0.0 0 0 0 0 0 0 outbound label: 6 merge_err: 0 protocol: ip feature #: 1 feature id: FM_VACL map_name: map1 seq #: 10 (only for IP_PROT) DestAddr SrcAddr Dpt Spt L4OP TOS Est prot Rslt vmr IP value # 1: 0.0.0.0 0.0.0.0 0 0 0 0 0 6 permit Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-734 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show fm vlan vmr IP mask # 1: 0.0.0.0 0.0.0.0 0 0 0 0 0 FF vmr IP value # 2: 0.0.0.0 0.0.0.0 0 0 0 0 0 11 permit vmr IP mask # 2: 0.0.0.0 0.0.0.0 0 0 0 0 0 FF vmr IP value # 3: 0.0.0.0 0.0.0.0 0 0 0 0 0 0 deny vmr IP mask # 3: 0.0.0.0 0.0.0.0 0 0 0 0 0 0 seq #: 65536 (only for IP_PROT) DestAddr SrcAddr Dpt Spt L4OP TOS Est prot Rslt vmr IP value # 1: 0.0.0.0 0.0.0.0 0 0 0 0 0 0 permit vmr IP mask # 1: 0.0.0.0 0.0.0.0 0 0 0 0 0 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-735 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show icc show icc To display the information about the ICC counter and status, use the show icc command. show icc {counters | status} Syntax Description counters Specifies the counter information. status Specifies the status information. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the ICC counter: Router# show icc counters total tx RPC packets to slot 1 LCP = 0 detail by request id: ( = ) 2 =0 7 =0 8 =0 10=0 11=0 12=0 14=0 17=0 18=0 19=0 20=0 total rx RPC packets from slot 1 LCP = 0 detail by request id: ( = ) 2 =5 7 =7 8 =11 10=4 11=1 12=2 14=1 17=67 18=7 19=159 20=29 total tx MCAST-SP packets to slot 1 LCP = 0 detail by request id: ( = ) 6 =0 7 =0 8 =0 9 =0 12=0 14=0 total rx MCAST-SP packets from slot 1 LCP = 0 detail by request id: ( = ) 6 =1 7 =1 8 =1 9 =1 12=41 14=67 total tx L3-MGR packets to slot 1 LCP = 0 detail by request id: ( = ) 1 =0 2 =0 3 =0 total rx L3-MGR packets from slot 1 LCP = 0 detail by request id: ( = ) 1 =1 2 =2 3 =1 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-736 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show icc This example shows how to display the information about the ICC status: Router# show icc status Class Name Msgs Pending ----- ---------------- -----------2 RPC 0 3 MSC 0 5 L3-MGR 0 13 TCAM-API 0 Router# Max Pending ----------3 1 4 10 Total Sent ---------403 1 4173 26 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-737 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show idprom show idprom To display the IDPROMs for FRUs, use the show idprom command. show idprom {all | frutype | interface interface slot} [detail] Syntax Description all Displays the information for all FRU types. frutype Type of FRU to display information; see the “Usage Guidelines” section for valid values. interface Specifies the interface to display information; valid values are as follows: interface slot • interface—GigabitEthernet • slot—1 to 13 See the “Usage Guidelines” section for additional information. detail (Optional) Displays the details of the IDPROM data (verbose). Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Valid frutypes are as follows: • backplane—No arguments. • clock number—1 and 2. • earl slot—See the following paragraph for valid values. • module slot—See the following paragraph for valid values. • rp slot—See the following paragraph for valid values. • power-supply—1 and 2. • supervisor slot—See the following paragraph for valid values. • vtt number—1 to 3. The slot argument designates the module and port number. Valid values for slot depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Use the show idprom backplane command to display the chassis serial number. The optional interface interface slot keyword and arguments are supported on GBIC security-enabled interfaces only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-738 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show idprom Examples This example shows how to display IDPROM information for clock 1: Router> show idprom clock 1 IDPROM for clock #1 (FRU is 'Clock FRU') OEM String = 'Cisco Systems' Product Number = 'WS-C6000-CL' Serial Number = 'SMT03073115' Manufacturing Assembly Number = '73-3047-04' Manufacturing Assembly Revision = 'A0' Hardware Revision = 1.0 Current supplied (+) or consumed (-) = 0.000A Router> This example shows how to display IDPROM information for power supply 1: Router> show idprom power-supply 1 IDPROM for power-supply #1 (FRU is '110/220v AC power supply, 1360 watt') OEM String = 'Cisco Systems, Inc.' Product Number = 'WS-CAC-1300W' Serial Number = 'ACP03020001' Manufacturing Assembly Number = '34-0918-01' Manufacturing Assembly Revision = 'A0' Hardware Revision = 1.0 Current supplied (+) or consumed (-) = 27.460A Router> This example shows how to display detailed IDPROM information for power supply 1: Router# show idprom power-supply 1 detail IDPROM for power-supply #1 IDPROM image: (FRU is '110/220v AC power supply, 1360 watt') IDPROM image block #0: hexadecimal contents of block: 00: AB AB 01 90 11 BE 01 00 00 10: 73 63 6F 20 53 79 73 74 65 20: 2E 00 57 53 2D 43 41 43 2D 30: 00 00 00 00 00 00 41 43 50 40: 31 00 00 00 00 00 00 00 00 50: 38 2D 30 31 00 00 00 00 00 60: 00 00 00 00 00 00 00 00 00 70: 00 00 00 01 00 00 00 00 00 80: 00 01 00 06 00 01 00 00 00 02 6D 31 30 00 00 00 00 00 AB 73 33 33 33 41 00 00 0A 01 2C 30 30 34 30 00 09 BA 00 20 30 32 2D 00 00 00 00 01 49 57 30 30 00 00 0C 00 43 6E 00 30 39 00 00 00 00 69 63 00 30 31 00 00 03 00 ..............Ci sco Systems, Inc ..WS-CAC-1300W.. ......ACP0302000 1.........34-091 8-01......A0.... ................ ................ ................ block-signature = 0xABAB, block-version = 1, block-length = 144, block-checksum = 4542 *** common-block *** IDPROM capacity (bytes) = 256 IDPROM block-count = 2 FRU type = (0xAB01,1) OEM String = 'Cisco Systems, Inc.' Product Number = 'WS-CAC-1300W' Serial Number = 'ACP03020001' Manufacturing Assembly Number = '34-0918-01' Manufacturing Assembly Revision = 'A0' Hardware Revision = 1.0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-739 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show idprom Manufacturing bits = 0x0 Engineering bits = 0x0 SNMP OID = 9.12.3.1.6.1.0 Power Consumption = 2746 centiamperes RMA failure code = 0-0-0-0 *** end of common block *** IDPROM image block #1: hexadecimal contents of block: 00: AB 01 01 14 02 5F 00 00 00 00 00 00 00 00 0A BA 10: 0A BA 00 16 ....._.......... .... block-signature = 0xAB01, block-version = 1, block-length = 20, block-checksum = 607 *** power supply block *** feature-bits: 00000000 00000000 rated current at 110v: 2746 rated current at 220v: 2746 (centiamperes) CISCO-STACK-MIB SNMP OID = 22 *** end of power supply block *** End of IDPROM image Router# This example shows how to display IDPROM information for the backplane: Router# show idprom backplane IDPROM for backplane #0 (FRU is 'Catalyst 6000 9-slot backplane') OEM String = 'Cisco Systems' Product Number = 'WS-C6009' Serial Number = 'SCA030900JA' Manufacturing Assembly Number = '73-3046-04' Manufacturing Assembly Revision = 'A0' Hardware Revision = 1.0 Current supplied (+) or consumed (-) = 0.000A Router# This example shows how to display IDPROM information from a GBIC security-enabled interface: Router# show idprom interface g5/1 GBIC Serial EEPROM Contents: Common block: Identifier : Connector : Transceiver Speed : Media : Technology : Link Length : GE Comp Codes : SONET Comp Codes : Encoding : 8B10B BR, Nominal : 12x100 MHz Length(9u) : GBIC does not support single mode fibre, or the length information must be determined from the transceiver technology. Length(50u) : GBIC does not support 50 micron multi-mode fibre, or the length information must be determined from the transceiver technology. Length(62.5u) : GBIC does not support 62.5 micron multi-mode fibre, or the length information must be determined from the transceiver technology. Length(Copper) : GBIC does not support copper cables, or the length information must be determined from the transceiver technology. Vendor Name : IBM Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-740 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show idprom Vendor OUI : 0x8 0x0 0x5A Vendor PN : IBM42P12SNY Vendor rev : CS10 CC_BASE : 0xC6 Extended ID Fields Options : Loss of Signal implemented TX_FAULT signal implemented TX_D ISABLE is implemented and disables the serial output BR, max : 5% BR, min : 5% Vendor SN : 21P70420005D6 Date code : 02071001 CC_EXT : 0xCE Vendor Specific ID Fields: 0x00: 00 00 00 70 2E DF C4 69 50 E6 54 F9 05 D4 83 A2 0x10: 4B 0E 8B 00 00 00 00 00 00 00 00 00 7D 3F D9 1E Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-741 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces show interfaces To display traffic that is seen by a specific interface, use the show interfaces command. show interfaces [{interface interface-number} | {null interface-number} | {vlan vlan-id}] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, and port-channel, atm, and ge-wan. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. null interface-number (Optional) Specifies the null interface; the valid value is 0. vlan vlan-id (Optional) Specifies the VLAN ID; valid values are from 1 to 4094. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. The valid values for port-channel are from 1 to 308. The port-channel values that are from 257 to 282 are internally allocated, and are supported on the CSM and the FWSM only. Statistics are collected on a per-VLAN basis for Layer 2-switched packets and Layer 3-switched packets. Statistics are available for both unicast and multicast traffic. The Layer 3-switched packet counts are available for both ingress and egress directions. The per-VLAN statistics are updated every 5 seconds. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-742 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces In some cases, you might see a difference in the duplex mode that is displayed between the show interfaces command and the show running-config commands. In this case, the duplex mode that is displayed in the show interfaces command is the actual duplex mode that the interface is running. The show interfaces command shows the operating mode for an interface, while the show running-config command shows the configured mode for an interface. If you do not enter any keywords, all counters for all modules are displayed. The output of the show interfaces GigabitEthernet command displays an extra 4 bytes for every packet that is sent or received. This display occurs on the LAN ports on the GE-WAN module and other Catalyst 6500 series switch Gigabit Ethernet LAN modules. The extra 4 bytes are the Ethernet frame CRC in the input and output byte statistics. Examples This example shows how to display traffic for a specific interface: Router# show interfaces GigabitEthernet3/3 GigabitEthernet3/3 is up, line protocol is up (connected) Hardware is C6k 1000Mb 802.3, address is 000f.2305.49c0 (bia 000f.2305.49c0) MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set Keepalive set (10 sec) Full-duplex, 1000Mb/s, media type is LH input flow-control is off, output flow-control is on Clock mode is auto ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:19, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec L2 Switched: ucast: 360 pkt, 23040 bytes - mcast: 0 pkt, 0 bytes L3 in Switched: ucast: 0 pkt, 0 bytes - mcast: 0 pkt, 0 bytes mcast L3 out Switched: ucast: 0 pkt, 0 bytes mcast: 0 pkt, 0 bytes 437 packets input, 48503 bytes, 0 no buffer Received 76 broadcasts (0 IP multicast) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 0 multicast, 0 pause input 0 input packets with dribble condition detected 86 packets output, 25910 bytes, 0 underruns <=========== 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 PAUSE output 0 output buffer failures, 0 output buffers swapped out Router# This example shows how to display traffic for a FlexWAN module: Router# show interfaces pos 6/1/0.1 POS6/1/0.1 is up, line protocol is up Hardware is Packet over Sonet Internet address is 1.1.2.2/24 MTU 4470 bytes, BW 155000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY <<<+++ no packets info after this line Arches#sh mod 6 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-743 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces Mod Ports Card Type Model Serial No. --- ----- -------------------------------------- ------------------ ----------6 0 2 port adapter FlexWAN WS-X6182-2PA SAD04340JY3 Mod MAC addresses Hw Fw Sw Status --- ---------------------------------- ------ ------------ ------------ ------6 0001.6412.a234 to 0001.6412.a273 1.3 12.2(2004022 12.2(2004022 Ok Mod Online Diag Status --- ------------------6 Pass Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-744 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces accounting show interfaces accounting To display the number of packets of each protocol type that have been sent through all configured interfaces, use the show interfaces accounting command. show interfaces [{interface interface-number} | {null interface-number} | {vlan vlan-id}] accounting Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, and port-channel, atm, and ge-wan. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. null interface-number (Optional) Specifies the null interface; the valid value is 0. vlan vlan-id (Optional) Specifies the VLAN ID; valid values are from 1 to 4094. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note The Pkts Out and Chars Out fields display IPv6 packet counts only. The Pkts In and Chars In fields display both IPv4 and IPv6 packet counts, except for tunnel interfaces. For tunnel interfaces, the IPv6 input packets are counted as IPv6 packets only. The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. The port channels from 257 to 282 are internally allocated and are supported on the CSM and the FWSM only. If you do not enter any keywords, all counters for all modules are displayed. Examples This example shows how to display the number of packets of each protocol type that have been sent through all configured interfaces: Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-745 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces accounting Router# show interfaces gigabitethernet5/2 accounting GigabitEthernet5/2 Protocol Pkts In Chars In Pkts Out Chars Out IP 50521 50521000 0 0 DEC MOP 0 0 1 129 CDP 0 0 1 592 IPv6 11 834 96 131658 Router# Table 2-37 describes the fields that are shown in the example. Table 2-37 show interfaces accounting Command Output Fields Field Description Protocol Protocol that is operating on the interface. Pkts In Number of IPv4 packets received for the specified protocol. Chars In Number of IPv4 characters received for the specified protocol. Pkts Out Number of hardware-switched IPv6 packets transmitted for the specified protocol. Chars Out Number of IPv6 characters transmitted for the specified protocol. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-746 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces capabilities show interfaces capabilities To display the interface capabilities for a module, an interface, or all interfaces, use the show interfaces capabilities command. show interfaces [interface interface-number] capabilities [{module number}] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and port-channel, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. module number (Optional) Specifies the module number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 2 to 13 and valid values for the port number are from 1 to 48. The port-channel values are from 0 to 282; values from 257 to 282 are supported on the CSM and the FWSM only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-747 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces capabilities Examples This example shows how to display the interface capabilities for a module: Router# show interfaces capabilities module 6 FastEthernet6/1 Dot1x: yes Model: WS-X6248-RJ-45 Type: 10/100BaseTX Speed: 10,100,auto Duplex: half,full Trunk encap. type: 802.1Q,ISL Trunk mode: on,off,desirable,nonegotiate Channel: yes Broadcast suppression: percentage(0-100) Flowcontrol: rx-(off,on),tx-(none) Membership: static Fast Start: yes QOS scheduling: rx-(1q4t), tx-(2q2t) CoS rewrite: yes ToS rewrite: yes Inline power: no SPAN: source/destination UDLD yes Link Debounce: yes Link Debounce Time: no Ports on ASIC: 1-12 Port-Security: yes Router# This example shows how to display the interface capabilities for an interface: Router# show interfaces fastethernet 4/1 capabilities FastEthernet4/1 Model: WS-X6348-RJ-45 Type: 10/100BaseTX Speed: 10,100,auto Duplex: half,full Trunk encap. type: 802.1Q,ISL Trunk mode: on,off,desirable,nonegotiate Channel: yes Broadcast suppression: percentage(0-100) Flowcontrol: rx-(off,on),tx-(none) Fast Start: yes QOS scheduling: rx-(1q4t), tx-(2q2t) CoS rewrite: yes ToS rewrite: yes Inline power: no SPAN: source/destination This example shows how to display the port-channel interface capabilities: Router# show interfaces port-channel 12 capabilities Port-channel12 Model: NO IDPROM Type: unknown Speed: 10,100,1000,auto Duplex: half,full Trunk encap. type: 802.1Q,ISL Trunk mode: on,off,desirable,nonegotiate Channel: yes Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-748 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces capabilities Broadcast suppression: Flowcontrol: Fast Start: QOS scheduling: CoS rewrite: ToS rewrite: Inline power: SPAN: Router# percentage(0-100) rx-(off,on),tx-(none) yes rx-(1q4t), tx-(1q4t) yes yes no source/destination Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-749 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces counters show interfaces counters To display the traffic that the physical interface sees, use the show interfaces counters command. show interfaces [interface] counters [errors | etherchannel | {module number} | {protocol status} | {trunk [module number]}] Syntax Description interface (Optional) Interface type; for a list of valid values, see the “Usage Guidelines” section. errors (Optional) Displays the interface-error counters. etherchannel (Optional) Displays information about the EtherChannel interface. module number (Optional) Displays the module number; see the “Usage Guidelines” section for valid values. protocol status (Optional) Displays the current status of the enabled protocols. trunk (Optional) Displays the interface-trunk counters. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The show interfaces [interface] counters command displays the number of all of the packets arriving and includes the number of packets that may be dropped by the interface due to the storm-control settings. To display the total number of dropped packets, you can enter the show interfaces [interface] counters storm-control command. If you do not enter any keywords, all counters for all modules are displayed. When you enter the interface, these formats can be used: • card-type {slot}/{first-port} - {last-port} • card-type {slot}/{first-port} - {last-port} You can define a single port range per command entry. If you specify a range of ports, the range must consist of the same slot and port type. When you define a range, you must enter a white space between the first port and the hyphen (-) as follows: show interfaces gigabitethernet7/1 -7 counters The module number keyword and argument designate the module number and limit the display to interfaces on the module. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 1 to 13. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-750 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces counters Valid values for card-type are as follows: • ethernet • fastethernet • gigabitethernet • tengigabitethernet • port-channel interface-number—Valid values are from 1 to 282; values from 257 to 282 are supported on the CSM and the FWSM only. When you enter the show interfaces interface counters etherchannel command, follow these guidelines: Examples • If interface specifies a physical port, the command displays this message, “Etherchnl not enabled on this interface.” • If interface is omitted, the command displays the counters for all port channels (in the system) and for their associated physical ports. • If interface specifies a port channel, the command displays the counters for the port channel and all of the physical ports that are associated with it. In addition, when you enter the command specifying the primary aggregator in a LACP port channel with multiple aggregators, the output includes the statistics for all of the aggregators in the port channels and for the ports that are associated with them. This example shows how to display the error counters for a specific module: Router# show interfaces counters errors module 1 Port Align-Err FCS-Err Xmit-Err Rcv-Err UnderSize Gi1/1 0 0 0 0 0 Gi1/2 0 0 0 0 0 Port s Gi1/1 Gi1/2 Router# Single-Col Multi-Col 0 0 Late-Col Excess-Col Carri-Sen 0 0 0 0 0 0 Runts Giant 0 0 0 0 0 0 This example shows how to display traffic that is seen by a specific module: Router# show interfaces counters module 1 Port Gi1/1 Gi1/2 Port Gi1/1 Gi1/2 Router# InOctets 0 0 InUcastPkts 0 0 InMcastPkts 0 0 InBcastPkts 0 0 OutOctets 0 0 OutUcastPkts 0 0 OutMcastPkts 0 0 OutBcastPkts 0 0 This example shows how to display the trunk counters for a specific module: Router# show interfaces counters trunk module 1 Port Gi1/1 Gi1/2 Router# TrunkFramesTx 0 0 TrunkFramesRx 0 0 WrongEncap 0 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-751 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces counters This example shows how to display the counters for all port channels (in the system) and their associated physical ports: Router# show interfaces counters etherchannel Port InOctets InUcastPkts InMcastPkts Po1 5518 1 29 Fa3/48 5518 1 29 Po2 11897 2 54 Fa3/45 5878 1 27 Fa3/46 6019 1 27 Po3 0 0 0 Po5 6073 1 27 Fa3/44 6073 1 27 Po5A 7811 1 53 Fa3/43 7811 1 53 Port Po1 Fa3/48 Po2 Fa3/45 Fa3/46 Po3 Po5 Fa3/44 Po5A Fa3/43 OutOctets 4333 4333 9532 4766 4766 0 17224 17224 174426 174426 OutUcastPkts 1 1 2 1 1 0 1 1 1 1 OutMcastPkts 24 24 46 23 23 0 214 214 2669 2669 InBcastPkts 1 1 2 1 1 0 1 1 1 1 OutBcastPkts 1 1 2 1 1 0 1 1 1 1 This example shows how to display the counters for a specific port channel and the counters for the associated physical ports: Router# show interfaces port-channel2 counters etherchannel Port Po2 Fa3/48 Port Po2 Fa3/48 Router# InOctets 6007 6007 InUcastPkts 1 1 InMcastPkts 31 31 InBcastPkts 1 1 OutOctets 4428 4428 OutUcastPkts 1 1 OutMcastPkts 25 25 OutBcastPkts 1 1 This example shows how to display the discard count and the level settings for each mode: Router# show interfaces counters storm-control Port Fa5/1 Fa5/2 Fa5/3 . . . Router# Related Commands UcastSupp % 100.0 100.0 100.0 McastSupp % 100.0 100.0 100.0 BcastSupp % 100.0 100.0 100.0 Command Description clear counters Clears the interface counters. TotalSuppDiscards 0 0 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-752 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces debounce show interfaces debounce To display the status and configuration for the debounce timer, use the show interfaces debounce command. show interfaces [{interface interface-number} | {null interface-number} | {vlan vlan-id}] debounce [module num] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, port-channel, pos, atm, and ge-wan. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. null interface-number (Optional) Specifies the null interface; the valid value is 0. vlan vlan-id (Optional) Specifies the VLAN; valid values are from 1 to 4094. module num (Optional) Limits the display to interfaces on the specified module. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The debounce timer is not supported on the 10-Gigabit Ethernet module (WSX-6502-10GE). The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. The port-channel values are from 0 to 282; values from 257 to 282 are supported on the CSM and the FWSM only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-753 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces debounce Examples This example shows how to display the debounce configuration of an interface: Router# show interfaces GigabitEthernet1/1 debounce Port Debounce time Value Gi1/1 enable 100 Router# Related Commands Command Description link debounce Enables the debounce timer on an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-754 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces description show interfaces description To display a description and a status of an interface, use the show interfaces description command. show interfaces [interface] description Syntax Description interface Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Interface type; for a list of valid values, see the “Usage Guidelines” section. When you enter the interface value, these formats can be used: • card-type {slot}/{first-port} - {last-port} • card-type {slot}/{first-port} - {last-port} You can define a single port range per command entry. If you specify a range of ports, the range must consist of the same slot and port type. When you define a range, you must enter a space before and after the hyphen (-) as follows: show interfaces gigabitethernet7/1 - 7 counters broadcast Possible valid values for card-type are ethernet, fastethernet, gigabitethernet, tengigabitethernet, port-channel, pos, atm, and ge-wan. The port-channel values are from 0 to 282; values from 257 to 282 are supported on the CSM and the FWSM only. Examples This example shows how to display the information for all interfaces: Router# show interfaces description Interface Status Protocol Description PO0/0 admin down down First POS interface PO0/1 admin down down Gi1/0 up up GigE to server farm Router# Related Commands Command Description description Includes a specific description about the DSP interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-755 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces flowcontrol show interfaces flowcontrol To display flow-control information, use the show interfaces flowcontrol command. show interfaces [interface [mod]] flowcontrol [module number] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, port-channel, pos, atm, and ge-wan. mod (Optional) Module and port number. module number (Optional) Specifies the module number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The mod argument designates the module and port number. Valid values for mod depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. The module number keyword and argument designate the module number and limit the display to interfaces on the module. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 1 to 13. The port-channel values are from 0 to 282; values from 257 to 282 are supported on the CSM and the FWSM only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-756 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces flowcontrol Examples This example shows how to display flow-control information for all interfaces: Router# show interfaces flowcontrol Port Send FlowControl admin oper -------- -------desired off desired off on on ----Gi1/1 Gi1/2 Gi3/1 . . . Gi8/2 desired Gi8/3 desired Gi8/4 desired Router# off off off Receive FlowControl admin oper -------- -------off off off off on on RxPause TxPause ------0 0 0 ------0 0 0 off off off 0 0 0 0 0 0 off off off This example shows how to display flow-control information for a specific interface: Router# show interfaces gigabitethernet 8/2 flowcontrol Port Send FlowControl Receive FlowControl RxPause TxPause admin oper admin oper ----- -------- -------- -------- -------- ------- ------Gi8/2 desired off off off 0 0 Router# Table 2-38 describes the fields that are shown in the example. Table 2-38 show port flowcontrol Command Output Fields Field Description Port Interface type and module and port number. Send admin Flow-control operation for admin state. On indicates that the local port is allowed to send pause frames to remote ports, off indicates that the local port is prevented from sending pause frames to remote ports, and desired indicates predictable results whether a remote port is set to receive on, receive off, or receive desired. Send oper Current flow-control operation. On indicates that the local port is allowed to send pause frames to remote ports, off indicates that the local port is prevented from sending pause frames to remote ports, and desired indicates predictable results whether a remote port is set to receive on, receive off, or receive desired. Receive admin Flow-control operation for admin state. On indicates that the local port is allowed to send pause frames to remote ports, off indicates that the local port is prevented from sending pause frames to remote ports, and desired indicates predictable results whether a remote port is set to send on, send off, or send desired. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-757 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces flowcontrol Table 2-38 show port flowcontrol Command Output Fields (continued) Related Commands Field Description Receive oper Current flow-control operation. On indicates that the local port is allowed to send pause frames to remote ports, off indicates that the local port is prevented from sending pause frames to remote ports, and desired indicates predictable results whether a remote port is set to send on, send off, or send desired. RxPause Number of pause frames that are received. TxPause Number of pause frames that are transmitted. Command Description flowcontrol Configures a port to send or receive pause frames. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-758 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces private-vlan mapping show interfaces private-vlan mapping To display the information about the PVLAN mapping for VLAN SVIs, use the show interfaces private-vlan mapping command. show interfaces [interface interface-number] private-vlan mapping [active] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. active (Optional) Displays the active interfaces only. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command displays SVI information only. The interface-number argument designates the module and port number. Valid values for interface-number depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to display the information about the PVLAN mapping: Router# show interfaces private-vlan mapping Interface Secondary VLAN Type --------- -------------- ----------------vlan2 301 community vlan2 302 community Router# Related Commands Command Description private-vlan Configures PVLANs and the association between a PVLAN and a secondary VLAN. private-vlan mapping Creates a mapping between the primary and the secondary VLANs so that both VLANs share the same primary VLAN SVI. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-759 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces status show interfaces status To display the interface status or a list of interfaces in an error-disabled state on LAN ports only, use the show interfaces status command. show interfaces [interface interface-number] status [err-disabled | module number] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. err-disabled (Optional) Displays the LAN ports in an error-disabled state. module number (Optional) Specifies the module number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. This command is supported on LAN ports only. The module number keyword and argument designate the module number and limit the display to the interfaces on the module. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 1 to 13. To find out if an interface is inactive, enter the show interfaces status command. If the interface is inactive, the Status field displays “inactive.” If the port is not inactive, the Status field displays “none.” To find the packet and byte count, you can enter the show interfaces counters command or the show interfaces interface interface-number status command. The show interfaces counters command is the preferred command to use. In some cases, the packet and byte count of the show interfaces interface interface-number status command is incorrect. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-760 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces status Examples This example shows how to display the status of all LAN ports: Router# show interfaces status Port Name Gi1/1 Gi1/2 Fa5/1 . . . Port Name Fa5/18 Fa5/19 Gi7/1 Gi7/2 Router# Status disabled notconnect disabled Status disabled disabled disabled disabled Vlan routed 1 routed Vlan 1 1 1 1 Duplex Speed Type full 1000 missing full 1000 unknown (4) auto auto 10/100BaseTX Duplex auto auto full full Speed auto auto 1000 1000 Type 10/100BaseTX 10/100BaseTX WDM-RXONLY No Transceiver This example shows how to display the packet and byte count of a specific LAN port: Router# show interfaces fastethernet5/2 status FastEthernet5/2 Switching path Pkts In Chars In Pkts Out Chars Out Processor 17 1220 20 2020 Route cache 0 0 0 0 Distributed cache 17 1220 206712817 2411846570 Total 34 2440 206712837 2411848590 Router# This example shows how to display the status of LAN ports in an error-disabled state: Router# show interfaces status err-disabled Port Fa9/4 Name Status notconnect Reason link-flap informational error message when the timer expires on a cause -------------------------------------------------------------5d04h:%PM-SP-4-ERR_RECOVER:Attempting to recover from link-flap err-disable state on Fa9/4 Router# Related Commands Command Description errdisable detect cause Enables the error-disable detection. show errdisable recovery Displays the information about the error-disable recovery timer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-761 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces summary show interfaces summary To display a summary of statistics for all interfaces that are configured on a networking device, use the show interfaces summary command. show interfaces [interface interface-number] summary [vlan] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. vlan (Optional) Displays the total number of VLAN interfaces. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Separate counters for subinterfaces are not maintained and are not displayed in the show interfaces summary output. Examples This example shows how to display a summary of statistics for all interfaces that are configured on a networking device: Router# show interfaces summary *: interface is up IHQ: pkts in input hold queue IQD: pkts dropped from input queue OHQ: pkts in output hold queue OQD: pkts dropped from output queue RXBS: rx rate (bits/sec) RXPS: rx rate (pkts/sec) TXBS: tx rate (bits/sec) TXPS: tx rate (pkts/sec) TRTL: throttle count Interface IHQ IQD OHQ OQD RXBS RXPS TXBS TXPS TRTL ---------------------------------------------------------------------* FastEthernet0/0 0 0 0 0 0 0 0 0 0 Serial0/0 0 0 0 0 0 0 0 0 0 FastEthernet0/1 0 0 0 0 0 0 0 0 0 Serial0/1 0 0 0 0 0 0 0 0 0 Router# This example shows how to display the total number of VLAN interfaces: Router# show interfaces summary vlan Total number of Vlan interfaces: 7 Vlan interfaces configured: 1,5,20,2000,3000-3001,4000 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-762 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces summary Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-763 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces switchport show interfaces switchport To display the administrative and operational status of a switching (nonrouting) port, use the show interfaces switchport command. show interfaces [interface interface-number] switchport [brief] [module number] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. brief (Optional) Displays a brief summary of information. module number (Optional) Limits the display to interfaces on a specified module; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number designates the module and port number. Valid values depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to display switch-port information using the include output modifier: Router# show interfaces switchport | include VLAN Name: Fa5/6 Access Mode VLAN: 200 (VLAN0200) Trunking Native Mode VLAN: 1 (default) Trunking VLANs Enabled: ALL Pruning VLANs Enabled: ALL . . . Router# This example shows how to display the configurations of two multiple VLAN access ports: Router# show interfaces switchport Name: Fa5/1 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-764 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces switchport Switchport: Enabled Administrative Mode: access Operational Mode: access Dot1q Ethertype: 0x8200 Operational Trunking Encapsulation: dot1q Negotiation of Trunking: off Access Mode VLAN: 100 Voice VLAN: 102 Trunking Native Mode VLAN: 1 (default) Administrative private-vlan host-association: none Administrative private-vlan mapping: 900 ((Inactive)) 901 ((Inactive)) Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Name: Fa5/2 Switchport: Enabled Administrative Mode: access Operational Mode: down Dot1q Ethertype: 0x8200 Operational Trunking Encapsulation: native Negotiation of Trunking: Off Access Mode VLAN: 100 Voice VLAN: 103 ((inactive)) Trunking Native Mode VLAN: 1 (default) . . . This example shows how to display a brief summary of information: Router# show interfaces switchport brief module 3 Port Status Op.Mode Op.Encap Channel-id Vlan Fa3/1 connected access native -- 1 Fa3/7 disabled -- dot1q Po26 1 Fa3/13 connected access native -- 666 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-765 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces switchport backup show interfaces switchport backup To display Flexlink pairs, use the show interfaces switchport backup command. show interfaces [interface interface-number] switchport backup Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number designates the module and port number. Valid values depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to display all Flexlink pairs: Router# show interfaces switchport backup Switch Backup Interface Pairs: Active Interface Backup Interface State -----------------------------------------------------------------------FastEthernet3/1 FastEthernet4/1 Active Up/Backup Standby FastEthernet5/1 FastEthernet5/2 Active Down/Backup Up FastEthernet3/2 FastEthernet5/4 Active Standby/Backup Up Po1 Po2 Active Down/Backup Down Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-766 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces switchport backup This example shows how to display a specific Flexlink port: Router# show interfaces fastethernet 4/1 switchport backup Switch Backup Interface Pairs: Active Interface Backup Interface State -----------------------------------------------------------------------FastEthernet3/1 FastEthernet4/1 Active Up/Backup Standby Router# Related Commands Command Description switchport backup Configures an interface as a Flexlink backup interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-767 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces transceiver show interfaces transceiver To display information about the optical transceivers that have DOM enabled, use the show interfaces transceiver command. show interfaces [interface interface-number] transceiver [threshold violations] [detail | {module number}] Syntax Description interface (Optional) Interface type; possible valid values are gigabitethernet and tengigabitethernet. interface-number Module and port number; see the “Usage Guidelines” section for valid values. threshold violations (Optional) Displays information about the interface transceiver threshold violations. detail (Optional) Displays detailed information about the interface transceiver. module number (Optional) Specifies the module number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines After a transceiver is inserted, the software waits approximately 10 seconds before reading the diagnostic monitoring information. If you enter the show interfaces transceiver command before the software has read the diagnostic monitoring information, the following message is displayed: Waiting for diagnostic monitoring information to settle down. Please try again after a few seconds. Wait a few seconds and reenter the show interfaces transceiver command. The interface interface-number arguments are supported on interfaces that have a transceiver that has diagnostic monitoring enabled and the transceiver is in a module that supports the reading of diagnostic monitoring information. Examples This example shows how to display transceiver information: Router# show interfaces transceiver If device is externally calibrated, only calibrated values are printed. ++ : high alarm, + : high warning, - : low warning, -- : low alarm. NA or N/A: not applicable, Tx: transmit, Rx: receive. mA: milliamperes, dBm: decibels (milliwatts). Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-768 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces transceiver Port ------Gi1/1 Gi2/1 Gi2/2 Router# Temperature (Celsius) ----------40.6 35.5 49.5 Voltage (Volts) ------5.09 5.05 3.30 Current (mA) -------0.4 0.1 0.0 Optical Tx Power (dBm) --------25.2 -29.2 7.1 Optical Rx Power (dBm) -------N/A N/A -18.7 This example shows how to display detailed transceiver information: Router# show interfaces transceiver detail mA: milliamperes, dBm: decibels (milliwatts), NA or N/A: not applicable. ++ : high alarm, + : high warning, - : low warning, -- : low alarm. A2D readouts (if they differ), are reported in parentheses. The threshold values are calibrated. High Alarm Threshold (Celsius) ---------100.0 100.0 70.0 70.0 High Warn Threshold (Celsius) --------100.0 100.0 60.0 60.0 Low Warn Threshold (Celsius) --------0.0 0.0 5.0 5.0 Low Alarm Threshold (Celsius) --------0.0 0.0 0.0 0.0 Port ------Gi1/1 Gi1/2 Gi2/1 Gi2/2 Voltage (Volts) --------------3.30 3.30 5.03 5.02 High Alarm Threshold (Volts) ---------6.50 6.50 5.50 5.50 High Warn Threshold (Volts) --------6.50 6.50 5.25 5.25 Low Warn Threshold (Volts) --------N/A N/A 4.75 4.75 Low Alarm Threshold (Volts) --------N/A N/A 4.50 4.50 Port ------Gi1/1 Gi1/2 Gi2/1 Gi2/2 Current (milliamperes) ----------------0.0 1.7 50.6 + 25.8 High Alarm Threshold (mA) ---------130.0 130.0 60.0 60.0 High Warn Threshold (mA) --------130.0 130.0 40.0 40.0 Low Warn Threshold (mA) --------N/A N/A 10.0 10.0 Low Alarm Threshold (mA) --------N/A N/A 5.0 5.0 Port ------Gi1/1 Gi1/2 Gi2/1 Gi2/2 Optical Transmit Power (dBm) ----------------8.1 ++ -9.8 -16.7 -0.8 High Alarm Threshold (dBm) ---------8.1 8.1 3.4 3.4 High Warn Threshold (dBm) --------8.1 8.1 3.2 3.2 Low Warn Threshold (dBm) --------N/A N/A -0.3 -0.3 Low Alarm Threshold (dBm) --------N/A N/A -0.5 -0.5 Optical Receive Power (dBm) ----------------N/A -30.9 N/A N/A High Alarm Threshold (dBm) ---------8.1 8.1 5.9 5.9 High Warn Threshold (dBm) --------8.1 8.1 -6.7 -6.7 Low Warn Threshold (dBm) --------N/A N/A -28.5 -28.5 Low Alarm Threshold (dBm) --------N/A N/A -28.5 -28.5 Temperature Port (Celsius) ------- -----------------Gi1/1 48.1 Gi1/2 34.9 Gi2/1 43.5 Gi2/2 39.1 Port ------Gi1/1 Gi1/2 Gi2/1 Gi2/2 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-769 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces transceiver This example shows how to display the threshold violations for all the transceivers on a Catalyst 6500 series switch: Router# show interfaces transceiver threshold violations Rx: Receive, Tx: Transmit. DDDD: days, HH: hours, MM: minutes, SS: seconds Time since Last Known Time in slot Threshold Violation Port (DDDD:HH:MM:SS) (DDDD:HH:MM:SS) ------- --------------- ---------------------Gi1/1 0000:00:03:41 Not applicable Gi2/1 0000:00:03:40 0000:00:00:30 0000:00:00:30 Gi2/2 0000:00:03:40 Not applicable Type(s) of Last Known Threshold Violation(s) ---------------------Not applicable Tx bias high warning 50.5 mA > 40.0 mA Tx power low alarm -17.0 dBm < -0.5 dBm Not applicable Router# This example shows how to display the threshold violations for all transceivers on a specific module: Router# show interfaces transceiver threshold violations module 2 lo: low, hi: high, warn: warning DDDD: days, HH: hours, MM: minutes, SS: seconds Time since Last Known Time in slot Threshold Violation Port (DDDD:HH:MM:SS) (DDDD:HH:MM:SS) ------- -------------- ---------------------Gi2/1 0000:00:03:40 0000:00:00:30 0000:00:00:30 Gi2/2 0000:00:03:40 Not applicable Type(s) of Last Known Threshold Violation ---------------------Tx bias high warning 50.5 mA > 40.0 mA Tx power low alarm -17.0 dBm < -0.5 dBm Not applicable Router# This example shows how to display violations for the transceiver on a specific interface: Router# show interfaces Gi2/1 transceiver threshold violations Rx: Receive, Tx: Transmit. DDDD: days, HH: hours, MM: minutes, SS: seconds Time since Last Known Time in slot Threshold Violation Port (DDDD:HH:MM:SS) (DDDD:HH:MM:SS) ------- --------------- ---------------------Gi2/1 0000:00:03:40 0000:00:00:30 0000:00:00:30 Type(s) of Last Known Threshold Violation(s) ---------------------Tx bias high warning 50.5 mA > 40.0 mA Tx power low alarm -17.0 dBm < -0.5 dBm Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-770 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces trunk show interfaces trunk To display the interface-trunk information, use the show interfaces trunk command. show interfaces [interface interface-number] trunk [module number] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. module number (Optional) Specifies the module number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not specify a keyword, only information for trunking ports is displayed. The interface-number designates the module and port number. Valid values depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. The module number keyword and argument designate the module number and limit the display to interfaces on the module. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 1 to 13. Examples This example shows how to display the interface-trunk information for module 5: Router# show interfaces trunk module 5 Port Fa5/1 Fa5/2 Fa5/3 Fa5/4 Fa5/5 Fa5/6 Fa5/7 Fa5/8 Fa5/9 Mode routed routed routed routed routed off off off desirable Encapsulation negotiate negotiate negotiate negotiate negotiate negotiate negotiate negotiate n-isl Status routed routed routed routed routed not-trunking not-trunking not-trunking trunking Native vlan 1 1 1 1 1 10 10 1 1 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-771 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces trunk Fa5/10 Fa5/11 Fa5/12 desirable routed routed negotiate negotiate negotiate not-trunking routed routed 1 1 1 . . . Fa5/48 routed negotiate routed 1 Port Fa5/1 Fa5/2 Fa5/3 Fa5/4 Fa5/5 Fa5/6 Fa5/7 Fa5/8 Fa5/9 Fa5/10 Fa5/11 Fa5/12 Vlans allowed on trunk none none none none none none none 200 1-1005 none none none . . . Fa5/48 none Port Vlans allowed and active in management domain Fa5/1 none Fa5/2 none Fa5/3 none Fa5/4 none Fa5/5 none Fa5/6 none Fa5/7 none Fa5/8 200 Fa5/9 1-6,10,20,50,100,152,200,300,303-305,349-351,400,500,521,524,570,801-8 02,850,917,999,1002-1005 Fa5/10 none Fa5/11 none Fa5/12 none . . . Fa5/48 none Port Vlans in spanning tree forwarding state and not pruned Fa5/1 none Fa5/2 none Fa5/3 none Fa5/4 none Fa5/5 none Fa5/6 none Fa5/7 none Fa5/8 200 Fa5/9 1-6,10,20,50,100,152,200,300,303-305,349-351,400,500,521,524,570,801-8 02,850,917,999,1002-1005 Fa5/10 none Fa5/11 none Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-772 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces trunk . . . Fa5/48 Router# none This example shows how to display the trunking information for active trunking ports: Router# show interfaces trunk Port Fa5/9 Mode desirable Encapsulation n-isl Port Fa5/9 Vlans allowed on trunk 1-1005 Status trunking Native vlan 1 Port Vlans allowed and active in management domain Fa5/9 1-6,10,20,50,100,152,200,300,303-305,349-351,400,500,521,524,570,801-8 02,850,917,999,1002-1005 Port Vlans in spanning tree forwarding state and not pruned Fa5/9 1-6,10,20,50,100,152,200,300,303-305,349-351,400,500,521,524,570,801-8 02,850,917,999,1002-1005 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-773 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces unidirectional show interfaces unidirectional To display the operational state of an interface with a receive-only transceiver, use the show interfaces unidirectional command. show interfaces [interface interface-number] unidirectional [module number] Syntax Description interface (Optional) Interface type; possible valid values are gigabitethernet and tengigabitethernet. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. module number (Optional) Specifies the module number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not specify a keyword, only information for trunking ports is displayed. The interface-number designates the module and port number. Valid values depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 2 to 13 and valid values for the port number are from 1 to 48. The module number keyword and argument designate the module number and limit the display to interfaces on the module. Valid values depend on the chassis that is used. For example, if you have a 13-slot chassis, valid values for the module number are from 2 to 13. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-774 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces unidirectional Examples This example shows how to display the operational state of an interface with a receive-only transceiver: Router# show interfaces gigabitethernet5/2 unidirectional Unidirectional configuration mode: send only Unidirectional operational mode: receive only CDP neighbour unidirectional configuration mode: off Router# Related Commands Command Description show interfaces status Displays the interface status or a list of interfaces in an error-disabled state on LAN ports only. unidirectional Configures the software-based UDE. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-775 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show interfaces vlan mapping show interfaces vlan mapping To display the status of a VLAN mapping on a port, use the show interfaces vlan mapping command. show interfaces [interface interface-number] vlan mapping Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, vlan, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number designates the module and port number or the VLAN number. Valid values depend on the chassis and module that are used. For example, if you have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the slot number are from 1 to 13 and valid values for the port number are from 1 to 48. Examples This example shows how to list all of the VLAN mappings that are configured on a port and indicate whether such mappings are enabled or disabled on the port: Router# show interfaces gigabitethernet5/2 vlan mapping State: enabled Original VLAN Translated VLAN ------------- --------------1649 755 Router# Related Commands Command Description show vlan mapping Registers a mapping of an 802.1Q VLAN to an ISL VLAN. switchport vlan mapping enable Enables VLAN mapping per switch port. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-776 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip arp inspection show ip arp inspection To display the status of DAI for a specific range of VLANs, use the show ip arp inspection command. show ip arp inspection [{interfaces [interface-name]} | {statistics [vlan vlan-range]}] Syntax Description interfaces interface-name (Optional) Displays the trust state and the rate limit of ARP packets for the provided interface. statistics (Optional) Displays statistics for the following types of packets that have been processed by this feature: forwarded, dropped, MAC validation failure, and IP validation failure. vlan vlan-range (Optional) Displays the statistics for the selected range of VLANs. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not enter the statistics keyword, the configuration and operating state of DAI for the selected range of VLANs is displayed. If you do not specify the interface name, the trust state and rate limit for all applicable interfaces in the system are displayed. Examples This example shows how to display the statistics of packets that have been processed by DAI for VLAN 3: Router# show ip arp inspection statistics vlan 3 Vlan ---3 Forwarded --------31753 Dropped ------102407 Vlan ---3 DHCP Permits -----------31753 ACL Permits ----------0 Vlan Dest MAC Failures -------------------3 0 Router# DHCP Drops ---------102407 ACL Drops ---------0 Source MAC Failures ------------------0 IP Validation Failures ---------------------0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-777 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip arp inspection This example shows how to display the statistics of packets that have been processed by DAI for all active VLANs: Router# show ip arp inspection statistics Vlan ---1 2 3 4 100 101 1006 1007 Forwarded --------0 0 68322 0 0 0 0 0 Dropped ------0 0 220356 0 0 0 0 0 Vlan ---1 2 3 4 100 101 1006 1007 DHCP Permits -----------0 0 68322 0 0 0 0 0 ACL Permits ----------0 0 0 0 0 0 0 0 Vlan Dest MAC Failures -------------------1 0 2 0 3 0 4 0 100 0 101 0 1006 0 1007 0 Router# DHCP Drops ---------0 0 220356 0 0 0 0 0 ACL Drops ---------0 0 0 0 0 0 0 0 Source MAC Failures ------------------0 0 0 0 0 0 0 0 IP Validation Failures ---------------------0 0 0 0 0 0 0 0 This example shows how to display the configuration and operating state of DAI for VLAN 1: Router# show ip arp inspection vlan 1 Source Mac Validation : Disabled Destination Mac Validation : Disabled IP Address Validation : Disabled Vlan ---1 Vlan ---1 Router# Configuration ------------Enabled Operation --------Active ACL Logging ----------Deny DHCP Logging -----------Deny ACL Match --------- Static ACL ---------- This example shows how to display the trust state of interface Fa6/3: Router# show ip arp inspection interfaces fastEthernet 6/3 Interface Trust State Rate (pps) Burst Interval --------------- --------------------------------Fa6/1 Untrusted 20 5 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-778 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip arp inspection This example shows how to display the trust state of the interfaces on the switch: Router# show ip arp inspection interfaces Interface Trust State Rate (pps) --------------- -------------------Gi1/1 Untrusted 15 Gi1/2 Untrusted 15 Gi3/1 Untrusted 15 Gi3/2 Untrusted 15 Fa3/3 Trusted None Fa3/4 Untrusted 15 Fa3/5 Untrusted 15 Fa3/6 Untrusted 15 Fa3/7 Untrusted 15 Router# Related Commands Command Description arp access-list Configures an ARP ACL for ARP inspection and QoS filtering and enters the ARP ACL configuration submode. clear ip arp inspection Clears the status of the log buffer. log show ip arp inspection Displays the status of DAI for a specific range of VLANs. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-779 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip arp inspection log show ip arp inspection log To show the status of the log buffer, use the show ip arp inspection log command. show ip arp inspection log Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the current contents of the log buffer before and after the buffers are cleared: Router# show ip arp inspection log Total Log Buffer Size : 10 Syslog rate : 0 entries per 10 seconds. Interface --------------Fa6/3 Fa6/3 Fa6/3 Fa6/3 Fa6/3 Fa6/3 Fa6/3 Fa6/3 Fa6/3 Fa6/3 -Router# Vlan ----1 1 1 1 1 1 1 1 1 1 -- Sender MAC Sender IP Num of Pkts ----------------- --------------- ----------0002.0002.0002 1.1.1.2 1(12:02:52 UTC Fri 0002.0002.0002 1.1.1.3 1(12:02:52 UTC Fri 0002.0002.0002 1.1.1.4 1(12:02:52 UTC Fri 0002.0002.0002 1.1.1.5 1(12:02:52 UTC Fri 0002.0002.0002 1.1.1.6 1(12:02:52 UTC Fri 0002.0002.0002 1.1.1.7 1(12:02:52 UTC Fri 0002.0002.0002 1.1.1.8 1(12:02:52 UTC Fri 0002.0002.0002 1.1.1.9 1(12:02:52 UTC Fri 0002.0002.0002 1.1.1.10 1(12:02:52 UTC Fri 0002.0002.0002 1.1.1.11 1(12:02:52 UTC Fri --5(12:02:52 UTC Fri Apr Apr Apr Apr Apr Apr Apr Apr Apr Apr Apr 25 25 25 25 25 25 25 25 25 25 25 2003) 2003) 2003) 2003) 2003) 2003) 2003) 2003) 2003) 2003) 2003) This example shows how to clear the buffer with the clear ip arp inspection log command: Router# clear ip arp inspection log Router# show ip arp inspection log Total Log Buffer Size : 10 Syslog rate : 0 entries per 10 seconds. No entries in log buffer. Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-780 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip arp inspection log Related Commands Command Description clear ip arp inspection Clears the status of the log buffer. log show ip arp inspection Shows the status of the log buffer. log Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-781 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip auth-proxy watch-list show ip auth-proxy watch-list To display the information about the authentication proxy watch list, use the show ip auth-proxy watch-list command. show ip auth-proxy watch-list Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the authentication proxy watch list: Router# show ip auth-proxy watch-list Authentication Proxy Watch-list is enabled Watch-list expiry timeout is 2 minutes Total number of watch-list entries: 3 Source IP 12.0.0.2 12.0.0.3 1.2.3.4 Type MAX_RETRY TCP_NO_DATA CFGED Violation-count MAX_LIMIT MAX_LIMIT N/A Total number of watch-listed users: 3 Router# Related Commands Command Description clear ip auth-proxy watch-list Deletes a single watch-list entry or all watch-list entries. ip auth-proxy max-login-attempts Limits the number of login attempts at a firewall interface. ip auth-proxy watch-list Enables and configures an authentication proxy watch list. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-782 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipc show ipc To display IPC information, use the show ipc command. show ipc {nodes | ports [open] | queue | status} Syntax Description nodes Displays the participating nodes. ports Displays the local IPC ports. open (Optional) Displays the open ports only. queue Displays the contents of the IPC-retransmission queue. status Displays the status of the local IPC server. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display participating nodes: Router# show ipc nodes There are 66 nodes in this IPC realm. ID Type Name 2210000 2000000 2010000 2020000 2040000 Local ICC ICC ICC ICC Card33 Card0 Card1 Card2 Card4 Last Sent 0 0 0 0 0 Last Heard 0 0 0 0 0 0 0 270 0 0 17070 <... output truncated ...> 23E0000 ICC 23F0000 ICC 10000 ICC Router# Card62 Card63 IPC Master This example shows how to display local IPC ports: Router# show ipc ports There are 6 ports defined. Port ID 2210000.1 2210000.2 2210000.3 2210000.4 10000.3 Type unicast unicast unicast unicast unicast Name Card33:Zone Card33:Echo Card33:Control Remote TTY Server Port IPC Master:Control Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-783 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipc 2210000.5 unknown Card33:Request port_index = 0 seat_id = 0x10000 port_index = 1 seat_id = 0x10000 Router# last sent = 0 last sent = 0 last heard = 1158 last heard = 0 This example shows how to display open IPC ports: Router# show ipc ports open There are 4 ports defined. Port ID Type Name 10000.7 unicast Unknown port_index = 0 last sent = 2 last heard = 0 10000.8 unicast Unknown port_index = 0 last sent = 0 last heard = 0 10000.9 unicast Unknown port_index = 0 last sent = 17753 last heard = 0 port_index = 1 last sent = 0 last heard = 0 Router# This example shows how to display the contents of the IPC-retransmission queue: Router# show ipc queue There are 0 IPC messages waiting for acknowledgement in the transmit queue. There are 0 IPC messages waiting for a response. There are 0 IPC messages waiting for additional fragments. There are 2 messages currently in use by the system. Router# This example shows how to display the status of the local IPC server: Router# show ipc status IPC System Status: This processor is a slave server. 1000 IPC message headers in cache 377053 messages in, 293133 out, 210699 delivered to local port, 83655 acknowledgements received, 83870 sent, 0 NACKS received, 0 sent, 0 messages dropped on input, 0 messages dropped on output 0 no local port, 0 destination unknown, 0 no transport 0 missing callback or queue, 0 duplicate ACKs, 0 retries, 0 message timeouts. 0 ipc_output failures, 0 mtu failures, 0 msg alloc failed, 0 emer msg alloc failed, 0 no origs for RPC replies 0 pak alloc failed, 0 memd alloc failed 0 no hwq, 0 failed opens, 0 hardware errors No regular dropping of IPC output packets for test purposes Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-784 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cache flow show ip cache flow To display a summary of the NetFlow cache-flow entries, use the show ip cache flow command. show ip cache flow [aggregation type [module num]] Syntax Description aggregation type (Optional) Displays the configuration of a particular aggregation cache; see the “Usage Guidelines” section for valid values. module num (Optional) Displays information about a specific module. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Valid values for aggregation type are as follows: • as—AS aggregation cache • destination-prefix—Destination-prefix aggregation cache • prefix—Source/destination-prefix aggregation cache • protocol-port—Protocol and port aggregation cache • source-prefix—Source-prefix aggregation cache If you enter the show ip cache flow aggregation command without the module num, the software-switched aggregation cache on the route processor (RP) is displayed. Examples This example shows how to display a summary of the NetFlow cache-flow entries: Router# show ip cache flow IP packet size distribution (0 total packets): 1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 512 544 576 1024 1536 2048 2560 3072 3584 4096 4608 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 IP Flow Switching Cache, 0 bytes 0 active, 0 inactive, 0 added 0 ager polls, 0 flow alloc failures Active flows timeout in 30 minutes Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-785 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cache flow Inactive flows timeout in 15 seconds last clearing of statistics never Protocol Total Flows Packets Bytes Packets Active(Sec) Idle(Sec) -------- Flows /Sec /Flow /Pkt /Sec /Flow /Flow SrcIf SrcIPaddress DstIf DstIPaddress Pr SrcP DstP Pkts Displaying Hardware entries in Module 7 SrcIf SrcIPaddress DstIPaddress Pr SrcP DstP Pkts Fa5/11 11.1.1.38 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.39 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.40 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.41 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.42 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.43 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.44 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.45 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.46 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.47 12.1.1.2 udp 63 63 986796 Fa5/11 11.1.1.48 12.1.1.2 udp 63 63 986796 Router# This example shows how to display the information about a destination-prefix aggregation cache for a specific module: Router# show ip cache flow aggregation destination-prefix module 1 IPFLOW_DST_PREFIX_AGGREGATION records and statistics for module :1 IP Flow Switching Cache, 278544 bytes 2 active, 4094 inactive, 6 added 236 ager polls, 0 flow alloc failures Active flows timeout in 30 minutes Inactive flows timeout in 15 seconds Dst If Gi7/9 Gi7/10 Router# Dst Prefix 9.1.0.0 11.1.0.0 Msk /16 /16 AS 0 0 Flows Pkts B/Pk 3003 12M 64 3000 9873K 64 Active 1699.8 1699.8 Table 2-39 describes the show ip cache flow command output fields. Table 2-39 show ip cache flow Command Output Fields—Packet Size Distribution Field Description IP packet size distribution Two lines below this banner that show the percentage distribution of packets by size range. In this display, 55.4% of the packets fall in the size range of 33 to 64 bytes. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-786 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cache flow Table 2-40 describes the fields in the flow-switching cache lines of the output. Table 2-40 show ip cache flow Command Output Fields—Flow-Switching Cache Field Description bytes Number of bytes of memory that the NetFlow cache uses. active Number of active flows in the NetFlow cache at the time this command was entered. inactive Number of flow buffers that are allocated in the NetFlow cache but are not currently assigned to a specific flow at the time this command was entered. added Number of flows that were created since the start of the summary period. ager polls Number of times that the NetFlow code looked at the cache to expire entries (used by Cisco for diagnostics only). flow alloc failures Number of times that the NetFlow code tried to allocate a flow but could not. Exporting flows to IP address and UDP port number of the workstation to which flows are exported. Exporting using source interface Interface type that is used as the source IP address. Version 5 flow records, peer-as Exported packets that use version 5 format and the export statistics that include the peer AS for the source and destination. The number of records stored in the datagram is between 1 and 30 for version 5. Active flows timeout in Timeout period for active flows in the NetFlow cache. flows exported in udp datagrams Total number of flows that are exported and the total number of UDP datagrams that are used to export the flows to the workstation. failed Number of flows that could not be exported by the router because of output interface limitations. last clearing of statistics Standard time output (hh:mm:ss) since the clear ip flow stats command was executed. This time output changes to hours and days after the time exceeds 24 hours. Table 2-41 describes the fields in the NetFlow cctivity by protocol lines of the output. Table 2-41 show ip cache flow Command Output Fields—NetFlow Activity by Protocol Field Description Protocol IP protocol and the well-known port number as described in RFC 1340. Total Flows Number of flows for this protocol since the last time that the statistics were cleared. Flows/Sec Average number of flows for this protocol seen per second; equal to total flows/number of seconds for this summary period. Packets/Flow Average number of packets observed for the flows seen for this protocol. Equal to total packets for this protocol/number of flows for this protocol for this summary period. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-787 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cache flow Table 2-41 show ip cache flow Command Output Fields—NetFlow Activity by Protocol (continued) Field Description Bytes/Pkt Average number of bytes observed for the packets seen for this protocol. Equal to total bytes for this protocol/total number of packets for this protocol for this summary period. Packets/Sec Average number of packets for this protocol per second. Equal to total packets for this protocol/total number of seconds for this summary period. Active(Sec)/Flo w Sum of all the seconds from the first packet to the last packet of an expired flow (for example, TCP FIN, time-out, and so forth) in seconds/total flows for this protocol for this summary period. Idle(Sec)/Flow Sum of all the seconds from the last packet seen in each nonexpired flow for this protocol until the time this command was entered in seconds/total flows for this summary period. Table 2-42 describes the fields in the current flow lines of the output. Table 2-42 show ip cache flow Command Output Fields—Current Flow Related Commands Field Description SrcIf Internal port name for the source interface. SrcIPaddress Source-IP address for this flow. DstIf Router internal port name for the destination interface. DstIPaddress Destination-IP address for this flow. Pr IP protocol; for example, 6=TCP, 17=UDP, …. as defined in RFC 1340. SrcP Source port address, TCP/UDP “well known” port number, as defined in RFC 1340. DstP Destination-port address, TCP/UDP “well known” port number, as defined in RFC 1340. Pkts Number of packets observed for this flow. B/Pkt Average observed number of bytes per packet for this flow. Active Number of seconds between first and last packet of a flow. Command Description ip flow-aggregation cache Creates a flow-aggregation cache and enters the aggregation cache configuration mode. ip flow-cache entries Changes the number of entries that are maintained in the NetFlow cache. clear ip flow stats Clears the NetFlow-switching statistics. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-788 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cache verbose flow show ip cache verbose flow To display a detailed summary of NetFlow statistics, use the show ip cache verbose flow command. show ip cache verbose flow Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Use the show ip cache verbose flow command to display the flow record fields in the NetFlow cache in addition to the fields that are displayed with the show ip cache flow command. The values in the additional fields that are shown depend on the NetFlow features that are enabled and the flags that are set in the flow. The flags and the fields displayed vary from flow to flow. When you configure the MPLS-aware NetFlow feature, you can use the show ip cache verbose flow command to display both the IP and MPLS portions of the MPLS flows in the NetFlow cache on a router module. To display only the IP portion of the flow record in the NetFlow cache when MPLS-aware NetFlow is configured, use the show ip cache flow command. Examples This example shows how to display a detailed summary of NetFlow statistics: Router# show ip cache verbose flow IP packet size distribution (1094508 total packets): 1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480 .000 1.00 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 512 544 576 1024 1536 2048 2560 3072 3584 4096 4608 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 IP Flow Switching Cache, 4456704 bytes 2 active, 65534 inactive, 2 added 298 ager polls, 0 flow alloc failures Active flows timeout in 30 minutes Inactive flows timeout in 15 seconds IP Sub Flow Cache, 270600 bytes 4 active, 16380 inactive, 4 added, 2 added to flow 0 alloc failures, 0 force free Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-789 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cache verbose flow 1 chunk, 1 chunk added last clearing of statistics never Protocol Total Flows Packets Bytes -------Flows /Sec /Flow /Pkt SrcIf Port Msk AS IPM: OPkts SrcIf Port Msk AS IPM: OPkts Fa5/11 0000 /16 0 FO: 1 Fa5/11 0000 /16 0 FO: 1 SrcIPaddress Packets Active(Sec) Idle(Sec) /Sec /Flow /Flow DstIf Port Msk AS DstIPaddress NextHop Pr TOS Flgs Pkts B/Pk Active DstIf Port Msk AS DstIPaddress NextHop Pr TOS Flgs Pkts B/Pk Active Fa5/12 0000 /16 0 12.1.1.2 12.1.1.2 06 5B 00 46 551K 149.7 Fa5/12 0000 /16 0 12.1.1.2 12.1.1.2 06 5B 00 46 553K 150.4 OBytes SrcIPaddress OBytes 11.1.1.2 11.1.1.3 Displaying Hardware entries in Module 7 SrcIf SrcIPaddress DstIPaddress Pkts -0.0.0.0 0.0.0.0 0 Pr SrcP 0 DstP 0 3 Router# Table 2-43 describes the fields shown in the NetFlow cache lines of the display. Table 2-43 show ip cache verbose flow Field Descriptions in the NetFlow Cache Display Field Description bytes Number of bytes of memory that are used by the NetFlow cache. active Number of active flows in the NetFlow cache at the time this command was entered. inactive Number of flow buffers that are allocated in the NetFlow cache but that are not assigned to a specific flow at the time this command is entered. added Number of flows that were created since the start of the summary period. ager polls Number of times that the NetFlow code caused entries to expire (used by Cisco for diagnostics only). flow alloc failures Number of times that the NetFlow code tried to allocate a flow but could not. last clearing of statistics Standard time output (hh:mm:ss) since the clear ip flow stats privileged EXEC command was last executed. This time output changes to hours and days after the time exceeds 24 hours. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-790 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cache verbose flow Table 2-44 describes the fields shown in the activity by the protocol lines of the display. Table 2-44 show ip cache verbose flow Field Descriptions in Activity By Protocol Display Field Description Protocol IP protocol and port number. (Go to http://www.iana.org, Protocol Assignment Number Services, for the latest RFC values.) Note Only a small subset of all protocols is displayed. Total Flows Number of flows for this protocol since the last time statistics were cleared. Flows/Sec Average number of flows for this protocol per second; equal to the total flows divided by the number of seconds for this summary period. Packets/Flow Average number of packets for the flows for this protocol; equal to the total packets for this protocol divided by the number of flows for this protocol for this summary period. Bytes/Pkt Average number of bytes for the packets for this protocol; equal to the total bytes for this protocol divided by the total number of packets for this protocol for this summary period. Packets/Sec Average number of packets for this protocol per second; equal to the total packets for this protocol divided by the total number of seconds for this summary period. Active(Sec)/Flow Number of seconds from the first packet to the last packet of an expired flow (for example, TCP connection close request [FIN], timeout, and so on) divided by the total flows for this protocol for this summary period. Idle(Sec)/Flow Number of seconds observed from the last packet in each nonexpired flow for this protocol until the time at which this command was entered divided by the total flows for this protocol for this summary period. Table 2-45 describes the fields in the NetFlow record lines of the display. Table 2-45 show ip cache verbose flow Field Descriptions in NetFlow Record Display Field Description SrcIf Interface on which the packet was received. Port Msk AS Source port number (displayed in hexadecimal format), IP address mask, and autonomous system number. This field is always set to 0 in MPLS flows. SrcIPaddress IP address of the device that transmitted the packet. DstIf Interface from where the packet was transmitted. Port Msk AS Destination port number (displayed in hexadecimal format), IP address mask, and autonomous system. This field is always set to 0 in MPLS flows. DstIPaddress IP address of the destination device. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-791 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cache verbose flow Table 2-45 show ip cache verbose flow Field Descriptions in NetFlow Record Display (continued) Field Description NextHop BGP next-hop address. This field is always set to 0 in the MPLS flows. Pr IP protocol port number, displayed in hexadecimal format. (Go to http://www.iana.org, Protocol Assignment Number Services, for the latest RFC values.) Related Commands TOS Type of service, displayed in hexadecimal format. B/Pk Average number of bytes that are observed for the packets seen for this protocol. Flgs TCP flags, shown in hexadecimal format (result of bitwise OR of TCP flags from all packets in the flow). Pkts Number of packets in this flow. Active Time the flow has been active. FO Fragment offset. Command Description ip flow-cache mpls label positions Enables MPLS-aware NetFlow. ip route-cache flow Enables NetFlow switching for IP routing. show ip cache flow Displays a summary of the NetFlow cache-flow entries. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-792 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cef epoch show ip cef epoch To display the epoch information for the adjacency table and all FIB tables, use the show ip cef epoch command. show ip cef epoch Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Examples These show commands also display the epoch information for the following: • show ip cef summary—Displays the table epoch for a specific FIB table. • show ip cef detail—Displays the epoch value for each entry of a specific FIB table. • show adjacency summary—Displays the adjacency table epoch. • show adjacency detail—Displays the epoch value for each entry of the adjacency table. This example shows how to display epoch information: Router# show ip cef epoch CEF epoch information: Table:Default-table Table epoch:2 (164 entries at this epoch) Adjacency table Table epoch:1 (33 entries at this epoch) This example shows the output after you clear the epoch table and increment the epoch number: Router# show ip cef epoch CEF epoch information: Table:Default-table Table epoch:2 (164 entries at this epoch) Adjacency table Table epoch:1 (33 entries at this epoch) Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-793 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cef epoch Router# clear ip cef epoch full Router# show ip cef epoch CEF epoch information: Table:Default-table Table epoch:3 (164 entries at this epoch) Adjacency table Table epoch:2 (33 entries at this epoch) Router# Syntax Description Command Description clear ip cef epoch full Begins a new epoch and increments the epoch number for all tables (including the adjacency table). show ip cef Displays entries in the FIB or displays a summary of the FIB. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-794 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cef inconsistency show ip cef inconsistency To display the IP CEF inconsistencies, use the show ip cef inconsistency command. show ip cef [vrf vrf-name] inconsistency [records [detail]] Syntax Description vrf vrf-name (Optional) Specifies a VRF instance. records (Optional) Displays all recorded inconsistencies. detail (Optional) Displays the detailed information for each CEF table entry. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command displays the recorded IP CEF inconsistency records found by the lc-detect, scan-rp, scan-rib, and scan-lc detection mechanisms. You can configure the IP CEF-prefix consistency-detection mechanisms using the ip cef table consistency-check command. Examples This example shows how to display the recorded CEF inconsistency records: Router# show ip cef inconsistency Table consistency checkers (settle time 65s) lc-detect:running 0/0/0 queries sent/ignored/received scan-lc:running [100 prefixes checked every 60s] 0/0/0 queries sent/ignored/received scan-rp:running [100 prefixes checked every 60s] 0/0/0 queries sent/ignored/received scan-rib:running [1000 prefixes checked every 60s] 0/0/0 queries sent/ignored/received Inconsistencies:0 confirmed, 0/16 recorded Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-795 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cef inconsistency Table 2-46 describes the fields shown in the display. Table 2-46 show ip cef inconsistency Field Descriptions Related Commands Field Description settle time Time after a recorded inconsistency is confirmed. lc-detect running Consistency checker lc-detect is running. 0/0/0 queries Number of queries sent, ignored, and received. Inconsistencies: Number of inconsistencies confirmed and recorded. The maximum number of inconsistency records to be recorded is 16. Command Description clear ip cef inconsistency Clears the statistics and records for the CEF-consistency checker. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-796 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cef summary show ip cef summary To display a summary of the IP CEF table, use the show ip cef summary command. show ip cef summary Syntax Description This command has no keywords and arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display a summary of the IP CEF table: Router# show ip cef summary IP Distributed CEF with switching (Table Version 25), flags=0x0 21 routes, 0 reresolve, 0 unresolved (0 old, 0 new), peak 1 21 leaves, 16 nodes, 19496 bytes, 36 inserts, 15 invalidations 0 load sharing elements, 0 bytes, 0 references universal per-destination load sharing algorithm, id 5163EC15 3(0) CEF resets, 0 revisions of existing leaves Resolution Timer: Exponential (currently 1s, peak 1s) 0 in-place/0 aborted modifications refcounts: 4377 leaf, 4352 node Table epoch: 0 (21 entries at this epoch) Adjacency Table has 9 adjacencies Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-797 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip cef vlan show ip cef vlan To display the information about the IP CEF VLAN interface status, the configuration, and the prefixes for a specific interface, use the show ip cef vlan command. show ip cef vlan vlan-id [detail] Syntax Description vlan-id VLAN number; valid values are from 1 to 4094. detail (Optional) Displays the detailed information about the IP CEF VLAN interface. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the prefixes for a specific VLAN: Router> show ip cef vlan 1003 Prefix Next Hop 0.0.0.0/0 172.20.52.1 0.0.0.0/32 receive 10.7.0.0/16 172.20.52.1 10.16.18.0/23 172.20.52.1 Router> Interface FastEthernet3/3 FastEthernet3/3 FastEthernet3/3 This example shows how to display detailed IP CEF information for a specific VLAN: Router> show ip cef vlan 1003 detail IP Distributed CEF with switching (Table Version 2364), flags=0x0 1383 routes, 0 reresolve, 0 unresolved (0 old, 0 new) 1383 leaves, 201 nodes, 380532 bytes, 2372 inserts, 989 invalidations 0 load sharing elements, 0 bytes, 0 references universal per-destination load sharing algorithm, id 9B6C9823 3 CEF resets, 0 revisions of existing leaves refcounts: 54276 leaf, 51712 node Adjacency Table has 5 adjacencies Router> Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-798 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip dhcp relay information trusted-sources show ip dhcp relay information trusted-sources To list all the configured trusted interfaces, use the show ip dhcp relay information trusted-sources command. show ip dhcp relay information trusted-sources Syntax Description This command has no arguments or keywords. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display a list of all the configured trusted interfaces: Router# show ip dhcp relay information trusted-sources List of trusted sources of relay agent information option: Vlan60 Vlan62 Router# Related Commands Command Description ip dhcp relay information option trust-all Enables all the interfaces as trusted sources of the DHCP relay-agent information option. ip dhcp relay information trust Enables an interface as a trusted source of the DHCP relay-agent information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-799 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip dhcp snooping show ip dhcp snooping To display the DHCP snooping configuration, use the show ip dhcp snooping command. show ip dhcp snooping [statistics [detail]] Syntax Description statistics (Optional) Displays statistics information about DHCP snooping. detail (Optional) Displays the detailed information about DHCP snooping. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the DHCP snooping configuration: Router# show ip dhcp snooping Switch DHCP snooping is enabled DHCP snooping is configured on following VLANs: 5 10 Insertion of option 82 is enabled Interface Trusted Rate limit (pps) ----------------------------------------FastEthernet6/11 no 10 FastEthernet6/36 yes 50 Router# This example shows how to display the DHCP snooping statistics information: Router# show ip dhcp snooping statistics Packets Processed by DHCP Snooping Packets Dropped Because IDB not known Queue full Interface is in errdisabled Rate limit exceeded Received on untrusted ports Nonzero giaddr Source mac not equal to chaddr No binding entry Insertion of opt82 fail Unknown packet Interface Down Unknown output interface Router# = 0 = = = = = = = = = = = = 0 0 0 0 0 0 0 0 0 0 0 0 This example shows how to display detailed DHCP snooping statistics information: Router# show ip dhcp snooping statistics detail Packets Forwarded = 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-800 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip dhcp snooping Packets Dropped Packets Dropped From untrusted ports Router# Related Commands Command = 0 = 0 Description clear ip dhcp snooping Clears the IP DHCP table entries. ip dhcp snooping Globally enables DHCP snooping. ip dhcp snooping binding Sets up and generates a DHCP binding configuration to restore bindings across reboots. ip dhcp snooping database Configures the DHCP snooping database. ip dhcp snooping information option Enables DHCP option 82 data insertion. ip dhcp snooping limit Configures the number of the DHCP messages that an interface can receive rate per second. ip dhcp snooping packets Enables DHCP snooping on the tunnel interface. ip dhcp snooping verify mac-address Verifies that the source MAC address in a DHCP packet matches the client hardware address on an untrusted port. ip dhcp snooping vlan Enables DHCP snooping on a VLAN or a group of VLANs. show ip dhcp snooping Displays the DHCP snooping binding entries. binding show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-801 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip dhcp snooping binding show ip dhcp snooping binding To display the DHCP snooping binding entries, use the show ip dhcp snooping binding command. show ip dhcp snooping binding [ip-address] [mac-address] [vlan vlan] [interface interface interface-num] Syntax Description ip-address (Optional) IP address for the binding entries. mac-address (Optional) MAC address for the binding entries. vlan vlan (Optional) Specifies a valid VLAN number; valid values are from 1 to 4094. interface interface (Optional) Specifies the interface type; possible valid values are ethernet, fastethernet, gigabitethernet, and tengigabitethernet. interface-num Module and port number. Defaults If no argument is specified, the switch displays the entire DHCP snooping binding table. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines DHCP snooping is enabled on a VLAN only if both the global snooping and the VLAN snooping are enabled. Examples This example shows how to display the DHCP snooping binding entries for a switch: Router# show ip dhcp snooping binding MacAddress ----------0000.0100.0201 Router# IP Address ----------10.0.0.1 Lease (seconds) ---------------1600 Type ------------dhcp-snooping VLAN ----- Interface -----------100 FastEthernet3/1 This example shows how to display an IP address for DHCP snooping binding entries: Router# show ip dhcp snooping binding 172.100.101.102 MacAddress ----------0000.0100.0201 Router# IP Address Lease (seconds) -------------------------172.100.101.102 1600 Type ------------dhcp-snooping VLAN ----- Interface -----------100 FastEthernet3/1 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-802 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip dhcp snooping binding This example shows how to display the MAC address for the DHCP snooping binding entries: Router# show ip dhcp snooping binding 55.5.5.2 0002.b33f.3d5f MacAddress -----------------00:02:B3:3F:3D:5F Router# IpAddress --------------55.5.5.2 Lease(sec) ---------492 Type ------------dhcp-snooping VLAN Interface ---- -------------------99 FastEthernet6/36 This example shows how to display the DHCP snooping binding entries’ MAC address for a specific VLAN: Router# show ip dhcp snooping binding 55.5.5.2 0002.b33f.3d5f vlan 99 MacAddress -----------------00:02:B3:3F:3D:5F Router# IpAddress --------------55.5.5.2 Lease(sec) ---------479 Type ------------dhcp-snooping VLAN ---99 Interface -------------------FastEthernet6/36 This example shows how to display the dynamic DHCP snooping binding entries: Router# show ip dhcp snooping binding dynamic MacAddress ----------0000.0100.0201 Router# IP Address ----------10.0.0.1 Lease (seconds) ---------------1600 Type -----------dhcp-snooping VLAN ----- Interface -----------100 FastEthernet3/1 This example shows how to display the DHCP snooping binding entries on VLAN 100: Router# show ip dhcp snooping binding vlan 100 MacAddress ----------0000.0100.0201 Router# IP Address ----------10.0.0.1 Lease (seconds) ---------------1600 Type -----------dhcp-snooping VLAN ----- Interface -----------100 FastEthernet3/1 This example shows how to display the DHCP snooping binding entries on Ethernet interface 0/1: Router# show ip dhcp snooping binding interface fastethernet3/1 MacAddress ----------0000.0100.0201 Router# IP Address ----------10.0.0.1 Lease (seconds) ---------------1600 Type -----------dhcp-snooping VLAN ----- Interface -----------100 FastEthernet3/1 Table 2-47 describes the fields in the show ip dhcp snooping command output. Table 2-47 show ip dhcp snooping Command Output Field Description Mac Address Client hardware MAC address. IP Address Client IP address assigned from the DHCP server. Lease (seconds) IP address lease time. Type Binding type; statically configured from CLI or dynamically learned. VLAN VLAN number of the client interface. Interface Interface that connects to the DHCP client host. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-803 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip dhcp snooping binding Related Commands Command Description ip dhcp snooping Globally enables DHCP snooping. ip dhcp snooping binding Sets up and generates a DHCP binding configuration to restore bindings across reboots. ip dhcp snooping database Configures the DHCP snooping database. ip dhcp snooping information option Enables DHCP option 82 data insertion. ip dhcp snooping limit Configures the number of the DHCP messages that an interface can receive rate per second. ip dhcp snooping packets Enables DHCP snooping on the tunnel interface. ip dhcp snooping verify mac-address Verifies that the source MAC address in a DHCP packet matches the client hardware address on an untrusted port. ip dhcp snooping vlan Enables DHCP snooping on a VLAN or a group of VLANs. show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the status of the DHCP snooping database agent. database Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-804 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip dhcp snooping database show ip dhcp snooping database To display the status of the DHCP snooping database agent, use the show ip dhcp snooping database command. show ip dhcp snooping database [detail] Syntax Description detail Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples (Optional) Provides additional operating state and statistics information. This example shows how to display the DHCP snooping database: Router# show ip dhcp snooping database Agent URL : Write delay Timer : 300 seconds Abort Timer : 300 seconds Agent Running : No Delay Timer Expiry : Not Running Abort Timer Expiry : Not Running Last Succeded Time : None Last Failed Time : None Last Failed Reason : No failure recorded. Total Attempts Successful Transfers Successful Reads Successful Writes Media Failures : : : : : 0 0 0 0 0 Startup Failures Failed Transfers Failed Reads Failed Writes : : : : 0 0 0 0 Router# This example shows how to view additional operating statistics: Router# show ip dhcp snooping database detail Agent URL : tftp://10.1.1.1/directory/file Write delay Timer : 300 seconds Abort Timer : 300 seconds Agent Running : No Delay Timer Expiry : 7 (00:00:07) Abort Timer Expiry : Not Running Last Succeded Time : None Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-805 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip dhcp snooping database Last Failed Time : 17:14:25 UTC Sat Jul 7 2001 Last Failed Reason : Unable to access URL. Total Attempts Successful Transfers Successful Reads Successful Writes Media Failures : : : : : 21 0 0 0 0 Startup Failures Failed Transfers Failed Reads Failed Writes : : : : 0 21 0 21 First successful access: Read Last ignored bindings counters Binding Collisions : Invalid interfaces : Parse failures : Last Ignored Time : None : 0 0 0 Expired leases : Unsupported vlans : 0 0 Total ignored bindings counters: Binding Collisions : 0 Invalid interfaces : 0 Parse failures : 0 Expired leases : Unsupported vlans : 0 0 Router# Related Commands Command Description ip dhcp snooping Globally enables DHCP snooping. ip dhcp snooping binding Sets up and generates a DHCP binding configuration to restore bindings across reboots. ip dhcp snooping database Configures the DHCP snooping database. ip dhcp snooping information option Enables DHCP option 82 data insertion. ip dhcp snooping limit Configures the number of the DHCP messages that an interface can receive rate per second. ip dhcp snooping packets Enables DHCP snooping on the tunnel interface. ip dhcp snooping verify mac-address Verifies that the source MAC address in a DHCP packet matches the client hardware address on an untrusted port. ip dhcp snooping vlan Enables DHCP snooping on a VLAN or a group of VLANs. show ip dhcp snooping Displays the DHCP snooping configuration. show ip dhcp snooping Displays the DHCP snooping binding entries. binding Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-806 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip flow-export show ip flow-export To display the information about the software-switched flows for the data export, including the main cache and all other enabled caches, use the show ip flow export command. show ip flow export [template | verbose] Syntax Description template (Optional) Displays export template statistics information. verbose (Optional) Displays verbose export statistics information. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the software-switched flows for NDE: Router# show ip flow export Flow export v1 is disabled for main cache Version 1 flow records 0 flows exported in 0 udp datagrams 0 flows failed due to lack of export packet 0 export packets were sent up to process level 0 export packets were dropped due to no fib 0 export packets were dropped due to adjacency issues 0 export packets were dropped due to fragmentation failures 0 export packets were dropped due to encapsulation fixup failures 0 export packets were dropped enqueuing for the RP 0 export packets were dropped due to IPC rate limiting Router# This example shows how to display export template statistics information: Router# show ip flow export template No Template export information No Option Templates exist Template Options Flag = 0 Total number of Templates added = 0 Total active Templates = 0 Flow Templates active = 0 Flow Templates added = 0 Option Templates active = 0 Option Templates added = 0 Template ager polls = 0 Option Template ager polls = 0 Main cache version 9 export is disabled Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-807 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip flow-export This example shows how to display export verbose statistics information: Router# show ip flow export verbose Flow export v1 is disabled for main cache Version 1 flow records 0 flows exported in 0 udp datagrams 0 flows failed due to lack of export packet 0 export packets were sent up to process level 0 export packets were dropped due to no fib 0 export packets were dropped due to adjacency issues 0 export packets were dropped due to fragmentation failures 0 export packets were dropped due to encapsulation fixup failures 0 export packets were dropped enqueuing for the RP 0 export packets were dropped due to IPC rate limiting Router# Related Commands Command Description clear adjacency Clears the CEF adjacency table. ip flow-aggregation cache Creates a flow-aggregation cache and enters the aggregation cache configuration mode. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-808 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp groups show ip igmp groups To display the multicast groups with receivers that are directly connected to the router and that were learned through IGMP, use the show ip igmp groups command. show ip igmp [vrf vrf-name] groups [group-name | group-address | interface-type interface-number] [detail] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. group-name (Optional) Name of the multicast group as defined in the DNS hosts table. group-address (Optional) Address of the multicast group in four-part, dotted-decimal notation. interface-type (Optional) Interface type. interface-number (Optional) Interface number. detail (Optional) Provides a detailed description of the sources that are known through IGMP Version 3 (IGMPv3), IGMP v3lite, or URL Rendezvous Directory (URD). Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you omit all optional arguments and keywords, the show ip igmp groups command displays all directly connected multicast groups by group address, interface type, and interface number. Examples This example shows how to display output from the show ip igmp groups command: Router# show ip igmp groups IGMP Connected Group Membership Group Address Interface 239.255.255.254 Ethernet3/1 224.0.1.40 Ethernet3/1 224.0.1.40 Ethernet3/3 224.0.1.1 Ethernet3/1 224.9.9.2 Ethernet3/1 232.1.1.1 Ethernet3/1 Uptime 1w0d 1w0d 1w0d 1w0d 1w0d 5d21h Expires 00:02:19 00:02:15 never 00:02:11 00:02:10 stopped Last Reporter 172.21.200.159 172.21.200.1 172.16.214.251 172.21.200.11 172.21.200.155 172.21.200.206 This example shows how to display output from the show ip igmp groups command with the group-address argument and detail keyword: Router# show ip igmp groups 232.1.1.1 detail Interface: Group: Ethernet3/2 232.1.1.1 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-809 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp groups Uptime: 01:58:28 Group mode: INCLUDE Last reporter: 10.0.119.133 CSR Grp Exp: 00:02:38 Group source list: (C - Cisco Src Report, U - URD, R - Remote) Source Address Uptime v3 Exp CSR Exp Fwd Flags 172.16.214.1 01:58:28 stopped 00:02:31 Yes C Table 2-48 describes the fields shown in the displays. Table 2-48 show ip igmp groups Field Descriptions Field Description Group Address Address of the multicast group. Interface Interface through which the group is reachable. Uptime Time in weeks, days, hours, minutes, and seconds that this multicast group has been known. Expires Time in weeks, days, hours, minutes, and seconds until the entry expires. If an entry expires, then the entry (for a short period) shows “now” before it is removed. “never” indicates that the entry will not time out, because a local receiver is on this router for this entry. “stopped” indicates that timing out of this entry is not determined by this expire timer. If the router is in INCLUDE mode for a group, then the whole group entry times out after the last source entry has timed out (unless the mode is changed to EXCLUDE mode before it times out). Last Reporter Last host to report being a member of the multicast group. Both IGMP v3lite and URD require a v2-report. Group mode: Either INCLUDE or EXCLUDE. The group mode is based on the type of membership reports that are received on the interface for the group. In the output for the show ip igmp groups detail command, the EXCLUDE mode also shows the Expires: field for the group entry (not shown in the output). CSR Grp Exp Shown for multicast groups in the SSM range. It indicates the time (in hours, minutes, and seconds) since the last received group membership report was received. Cisco IOS software needs to use these reports for the operation of URD and IGMP v3lite, but the reports do not indicate group membership by themselves. Group source list: Details of which sources have been requested by the multicast group. Source Address IP address of the source. Uptime Time since the source state was created. v3 Exp Time in hours, minutes, and seconds until the membership for the source times out according to IGMP operations. “stopped” displays if no member uses IGMPv3 (but only IGMP v3lite or URD). CSR Exp Time in hours, minutes, and seconds until the membership for the source times out according to IGMP v3lite or URD reports. “stopped” displays if members use only IGMPv3. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-810 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp groups Table 2-48 show ip igmp groups Field Descriptions (continued) Related Commands Field Description Fwd Status of whether the router is forwarding multicast traffic due to this entry. Flags Information about the entry. The Remote flag indicates that an IGMPv3 report has been received by this source. The C flag indicates that an IGMP v3lite or URD report was received by this source. The U flag indicates that a URD report was received for this source. Command Description ip igmp query-interval Configures the frequency at which Cisco IOS software sends IGMP host query messages. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-811 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp interface show ip igmp interface To display the information about the IGMP-interface status and configuration, use the show ip igmp interface command. show ip igmp [vrf vrf-name] interface [{interface [interface-number]} | {null interface-number} | {vlan vlan-id}] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. null interface-number Specifies the null interface; the valid value is 0. vlan vlan-id Specifies the VLAN; valid values are from 1 to 4094. Defaults If you do not specify a VLAN, information for VLAN 1 is shown. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. If you omit the optional arguments, the show ip igmp interface command displays information about all interfaces. Examples This example shows how to display IGMP information for VLAN 43: Router# show ip igmp interface vlan 43 Vlan43 is up, line protocol is up Internet address is 43.0.0.1/24 IGMP is enabled on interface Current IGMP host version is 2 Current IGMP router version is 2 IGMP query interval is 60 seconds IGMP querier timeout is 120 seconds Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-812 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp interface IGMP max query response time is 10 seconds Last member query count is 2 Last member query response interval is 1000 ms Inbound IGMP access group is not set IGMP activity: 1 joins, 0 leaves Multicast routing is enabled on interface Multicast TTL threshold is 0 Multicast designated router (DR) is 43.0.0.1 (this system) IGMP querying router is 43.0.0.1 (this system) Multicast groups joined by this system (number of users): 224.0.1.40(1) IGMP snooping is globally enabled IGMP snooping is enabled on this interface IGMP snooping fast-leave is disabled and querier is disabled IGMP snooping explicit-tracking is enabled on this interface IGMP snooping last member query interval on this interface is 1000 ms Router# Related Commands Command Description clear ip igmp group Deletes the entries for the IGMP-group cache. show ip igmp snooping Displays the information about the dynamically learned and manually mrouter configured multicast router interfaces. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-813 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp snooping explicit-tracking show ip igmp snooping explicit-tracking To display the information about the explicit host-tracking status for IGMPv3 hosts, use the show ip igmp snooping explicit-tracking command. show ip igmp snooping explicit-tracking {vlan vlan-id} Syntax Description vlan vlan-id Defaults If you do not specify a VLAN, information for VLAN 1 is shown. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Specifies the VLAN; see the “Usage Guidelines” section for valid values. Usage Guidelines Explicit host tracking is supported only with IGMPv3 hosts. Examples This example shows how to display the information about the explicit host-tracking status for IGMPv3 hosts: Router# show ip igmp snooping explicit-tracking vlan 25 Source/Group Interface Reporter Filter_mode -----------------------------------------------------------------------10.1.1.1/226.2.2.2 Vl25:1/2 16.27.2.3 INCLUDE 10.2.2.2/226.2.2.2 Vl25:1/2 16.27.2.3 INCLUDE Router# Related Commands Command Description ip igmp snooping explicit-tracking Enables explicit host tracking. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-814 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp snooping mrouter show ip igmp snooping mrouter To display the information about the dynamically learned and manually configured multicast router interfaces, use the show ip igmp snooping mrouter command. show ip igmp snooping mrouter [{vlan vlan-id}] Syntax Description vlan vlan-id Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines (Optional) Specifies a VLAN; valid values are from 1 to 4094. You can also use the show mac-address-table command to display entries in the MAC-address table for a VLAN that has IGMP snooping enabled. You can display IGMP snooping information for VLAN interfaces by entering the show ip igmp interface vlan vlan-num command. Examples This example shows how to display the information about IGMP snooping for a specific VLAN: Router# show ip igmp snooping mrouter interface 1 vlan ports -----+---------------------------------------1 Gi1/1,Gi2/1,Fa3/48,Router Router# Related Commands Command Description ip igmp snooping mrouter Configures a Layer 2 port as a multicast router port. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-815 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp snooping rate-limit show ip igmp snooping rate-limit To display the information about the IGMP snooping rate limit, use the show ip igmp snooping rate-limit command. show ip igmp snooping rate-limit [statistics | vlan vlan-id] Syntax Description statistics (Optional) Displays IGMP snooping statistics. vlan vlan-id (Optional) Specifies a VLAN; valid values are from 1 to 4094. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the statistics for IGMP snooping rate limiting: Router# show ip igmp snooping rate-limit statistics Max IGMP messages incoming rate : Not configured Vlan Incoming rate Rate-limiting ON Disable count Time to Enable -----+---------------+----------------+---------------+---------------+ 222 1000 No 0 111 5999 Yes 3 185 Router# This example shows how to display IGMP snooping rate-limit information for a specific VLAN: Router# show ip igmp snooping rate-limit vlan 19 Max IGMP messages incoming rate : 200 pps Vlan Incoming IGMP rate (in pps) --------+--------------------------------19 200 Router# Related Commands Command Description ip igmp snooping rate Sets the rate limit for IGMP snooping packets. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-816 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp snooping statistics show ip igmp snooping statistics To display IGMPv3 statistics, use the show ip igmp snooping statistics command. show ip igmp snooping statistics [{interface interface [interface-number]} | {port-channel number} | {vlan vlan-id}] Syntax Description interface interface (Optional) Displays IGMP statistics for the specified interface type; possible valid values are ethernet, fastethernet, and gigabitethernet. interface-number (Optional) Multicast-related statistics for the specified module and port; see the “Usage Guidelines” section for valid values. port-channel number (Optional) Displays multicast-related statistics for the specified port-channel; valid values are from 1 to 282. vlan vlan-id (Optional) Displays multicast-related statistics for the specified VLAN; valid values for vlan-id are from 1 to 4094. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The show ip igmp snooping statistics command displays the following statistics: • List of ports that are members of a group • Filter mode • Reporter-address behind the port • Additional information (such as the last-join and last-leave collected since the previous time that a clear ip igmp snooping statistics command was issued) The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. The port-channel number values from 257 to 282 are supported on the CSM and the FWSM only. The #hosts behind the VLAN is displayed only if you define the max-hosts policy on the specified VLAN and enable the log policy for the specified VLAN. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-817 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp snooping statistics Examples This example shows how to display IGMPv3 statistics: Router# show ip igmp snooping statistics interface FastEthernet5/1 IGMP Snooping statistics Service-policy: Policy1policy tied with this interface #Channels: 3 #hosts : 3 Query Rx: 2901 GS Query Rx: 0 V3 Query Tot Rx: 0 Join Rx: 8686 Leave Rx: 0 V3 Report Rx: 2300 Join Rx from router ports: 8684 Leave Rx from router ports: 0 Total Rx: 11587 Channel/Group Interface Reporter Uptime Last-Join 10.7.20.1,239.1.1.1 F5/1 10.5.20.1 00:12:00 1:10:00 10.7.30.1,239.1.1.1 F5/1 10.5.30.1 00:50:10 1:10:02 10.7.40.1,239.1.1.1 F5/1 10.5.40.1 00:10:10 1:10:03 Router# Last-Leave 0:30:02 - Table 2-49 describes the fields that are shown in the example. Table 2-49 show ip igmp snooping statistics Field Descriptions Related Commands Field Description Service-policy: Policy1 Policy tied to this interface. #Channels: 3 Number of channels behind the specified interface. #hosts Number of hosts behind the specified interface. This field is displayed only if max-hosts policy is used. Command Description clear ip igmp snooping Clears the IGMP snooping statistics. statistics Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-818 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp udlr show ip igmp udlr To display UDLR information for the connected multicast groups on the interfaces that have a UDL helper address configured, use the show ip igmp udlr command. show ip igmp udlr [group-name | group-address | interface-type interface-number] Syntax Description group-name (Optional) Name of the multicast group. group-address (Optional) Address of the multicast group. interface-type interface-number (Optional) Interface type and number. Defaults This command has no default settings. Command Modes User EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command displays which groups are being forwarded and received over the UDL. On the upstream router, this command shows which interface is a UDL interface and which IP multicast groups are being forwarded out that interface. The UDL Reporter is the IP address of the downstream interface on the receiving router. If there is more than one downstream router, this field shows which downstream router forwarded the IGMP host report to the upstream router over the ground-based network. This report is forwarded over the UDL so that all downstream routers know which groups have already been requested by other downstream routers, and additional IGMP host reports are suppressed. On the downstream router, this command (in the Interface field) shows which local interface received an IGMP host report (from a connected host for a specific group). The UDL Reporter is the IP address of the router that had forwarded the IGMP host report to the upstream router over the ground-based network. The UDL Interfaces column shows the interface on which IP multicast packets are being received. Examples This example shows the output of the show ip igmp udlr command on an upstream router: Router# show ip igmp udlr IGMP UDLR Status, UDL Interfaces: Serial0 Group Address Interface UDL Reporter 224.2.127.254 Serial0 10.0.0.2 224.0.1.40 Serial0 10.0.0.2 225.7.7.7 Serial0 10.0.0.2 Router# Reporter Expires 00:02:12 00:02:11 00:02:15 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-819 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip igmp udlr This example shows the output of the show ip igmp udlr command on a downstream router: Router# show ip igmp udlr IGMP UDLR Status, UDL Interfaces: Serial0 Group Address Interface UDL Reporter 224.2.127.254 Serial0 10.0.0.2 224.0.1.40 Serial0 10.0.0.2 225.7.7.7 Serial0 10.0.0.2 Router# Reporter Expires 00:02:49 00:02:48 00:02:52 Table 2-50 describes the fields shown in the output of the show ip igmp udlr command. Table 2-50 show ip igmp udlr Field Descriptions Field Description Group Address All group’s helper addresses on the interface. Interface Interface type and number to which the group is connected. UDL Reporter IP address of the router on the UDL network that is IGMP helping for the group. Reporter Expires How soon the UDL Reporter will become inactive, in hours:minutes:seconds. This can occur under the following conditions: • The UDL Reporter has become nonoperational. • The link or network to the reporter has become nonoperational. • The group member attached to the UDL Reporter has left the group. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-820 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip interface show ip interface To display the usability status of interfaces that are configured for IP, use the show ip interface command. show ip interface [type number] Syntax Description type (Optional) Interface type. number (Optional) Interface number. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The Cisco IOS software automatically enters a directly connected route in the routing table if the interface is usable. A usable interface is one through which the software can send and receive packets. If the software determines that an interface is not usable, it removes the directly connected routing entry from the routing table. Removing the entry allows the software to use dynamic routing protocols to determine backup routes to the network, if any. If the interface can provide two-way communication, the line protocol is marked “up.” If the interface hardware is usable, the interface is marked “up.” If you specify an optional interface type, you see only information on that specific interface. If you specify no optional arguments, you see information on all the interfaces. When an asynchronous interface is encapsulated with PPP or Serial Line Internet Protocol (SLIP), IP fast switching is enabled. The show ip interface command on an asynchronous interface that is encapsulated with PPP or SLIP displays a message indicating that IP fast switching is enabled. Examples This example shows how to display the usability status for a specific VLAN: Router# show ip interface vlan 1 Vlan1 is up, line protocol is up Internet address is 10.6.58.4/24 Broadcast address is 255.255.255.255 Address determined by non-volatile memory MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-821 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip interface Local Proxy ARP is disabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is enabled IP fast switching on the same interface is disabled IP Flow switching is disabled IP CEF switching is enabled IP Fast switching turbo vector IP Normal CEF switching turbo vector IP multicast fast switching is enabled IP multicast distributed fast switching is disabled IP route-cache flags are Fast, CEF Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Probe proxy name replies are disabled Policy routing is disabled Network address translation is disabled WCCP Redirect outbound is disabled WCCP Redirect inbound is disabled WCCP Redirect exclude is disabled BGP Policy Mapping is disabled Sampled Netflow is disabled IP multicast multilayer switching is disabled Netflow Data Export (hardware) is enabled Router# Table 2-51 describes the fields that are shown in the example. Table 2-51 show ip interface Field Descriptions Field Description Ethernet0 is up If the interface hardware is usable, the interface is marked “up.” For an interface to be usable, both the interface hardware and line protocol must be up. line protocol is up If the interface can provide two-way communication, the line protocol is marked “up.” For an interface to be usable, both the interface hardware and line protocol must be up. Internet address and subnet mask IP address and subnet mask of the interface. Broadcast address Broadcast address. Address determined by... Status of how the IP address of the interface was determined. MTU MTU value that is set on the interface. Helper address Helper address, if one has been set. Secondary address Secondary address, if one has been set. Directed broadcast forwarding Status of directed broadcast forwarding. Multicast groups joined Multicast groups to which this interface belongs. Outgoing access list Status of whether the interface has an outgoing access list set. Inbound access list Status of whether the interface has an incoming access list set. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-822 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip interface Table 2-51 show ip interface Field Descriptions (continued) Field Description Proxy ARP Status of whether Proxy Address Resolution Protocol (ARP) is enabled for the interface. Security level IP Security Option (IPSO) security level set for this interface. Split horizon Status of the split horizon. ICMP redirects Status of the redirect messages on this interface. ICMP unreachables Status of the unreachable messages on this interface. ICMP mask replies Status of the mask replies on this interface. IP fast switching Status of whether fast switching has been enabled for this interface. Fast switching is typically enabled on serial interfaces, such as this one. IP SSE switching Status of the IP silicon switching engine (SSE). Router Discovery Status of the discovery process for this interface. It is typically disabled on serial interfaces. IP output packet accounting Status of IP accounting for this interface and the threshold (maximum number of entries). TCP/IP header compression Status of compression. Probe proxy name Status of whether the HP Probe proxy name replies are generated. WCCP Redirect outbound is enabled Status of whether packets that are received on an interface are redirected to a cache engine. WCCP Redirect exclude is disabled Status of whether packets that are targeted for an interface are excluded from being redirected to a cache engine. Netflow Data Export (hardware) is enabled NDE hardware flow status on the interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-823 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mcache show ip mcache To display the contents of the IP fast-switching cache, use the show ip mcache command. show ip mcache [vrf vrf-name] [group-address | group-name] [source-address | source-name] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. group-address | group-name (Optional) Fast-switching cache for the single group. source-address | source-name (Optional) If the source address or name is also specified, displays a single multicast cache entry. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The group-address | group-name can be either a Class D IP address or a DNS name. The source-address | source-name can be either a unicast IP address or a DNS name. Examples This example shows how to display the contents of the IP fast-switching cache. This entry shows a specific source (wrn-source 226.62.246.73) sending to the World Radio Network group (224.2.143.24): Router> show ip mcache wrn wrn-source IP Multicast Fast-Switching Cache (226.62.246.73/32, 224.2.143.24), Fddi0, Last used: 00:00:00 Ethernet0 MAC Header: 01005E028F1800000C1883D30800 Ethernet1 MAC Header: 01005E028F1800000C1883D60800 Ethernet2 MAC Header: 01005E028F1800000C1883D40800 Ethernet3 MAC Header: 01005E028F1800000C1883D70800 Table 2-52 describes the fields shown in the display. Table 2-52 show ip mcache Field Descriptions Field Description 226.62.246.73 Source address. 224.2.143.24 Destination address. Fddi0 Incoming or expected interface on which the packet should be received. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-824 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mcache Table 2-52 show ip mcache Field Descriptions (continued) Field Description Last used: Latest time that the entry was accessed for a packet that was successfully fast switched. “Semi-fast” indicates that the first part of the outgoing interface list is fast switched and the rest of the list is process level switched. Ethernet0 Outgoing interface list and respective MAC header that is used when rewriting the packet for output. If the interface is a tunnel, the MAC header shows the real next-hop MAC header and, in parentheses, the real interface name. MAC Header: Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-825 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mds interface show ip mds interface To display MDS information for all the interfaces on the module, use the show ip mds interface command. show ip mds interface [vrf vrf-name] Syntax Description vrf vrf-name Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. This example shows how to display MDS information for all the interfaces on the module: Router# show ip mds interface Interface Ethernet1/0/0 Ethernet1/0/1 Ethernet1/0/2 Ethernet1/0/3 Ethernet1/0/4 Ethernet1/0/5 Ethernet1/0/6 Ethernet1/0/7 POS2/0/0 POS3/0/0 Virtual-Access1 Loopback0 Tunnel0 Tunnel1 Ethernet1/0/3.1 Ethernet1/0/3.2 SW-Index 2 3 4 5 6 7 8 9 10 11 13 14 15 16 17 18 HW-Index 1 2 3 4 5 6 7 8 9 10 11 12 23 24 4 4 HW IDB 0x60C2DB40 0x60C32280 0x60C35E40 0x60C39E60 0x60C3D780 0x60C41140 0x60C453A0 0x60C48DC0 0x0 0x0 0x0 0x0 0x61C2E480 0x61C267E0 0x60C39E60 0x60C39E60 FS Vector 0x602FB7A4 0x603D52B8 0x602FB7A4 0x603D52B8 0x602FB7A4 0x602FB7A4 0x602FB7A4 0x602FB7A4 0x603D52B8 0x603D52B8 0x603D52B8 0x603D52B8 VRF default default default default default default default default default default default default vrf1 vrf2 vrf1 vrf2 Table 2-53 describes the fields shown in the display. Table 2-53 show ip mds interface Field Descriptions Field Description Interface Specified interface. SW-Index Software index. HW-Index Hardware index. HW IDB Hardware interface description block. VRF VPN routing/forwarding instance. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-826 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mpacket show ip mpacket To display the contents of the circular cache-header buffer, use the show ip mpacket command. show ip mpacket [vrf vrf-name] [group-address | group-name] [source-address | source-name] [detail] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. group-address | group-name (Optional) Cache headers matching the specified group address or group name. source-address | source-name (Optional) Cache headers matching the specified source address or source name. detail (Optional) In addition to the summary information, displays the rest of the IP header fields on an additional line, plus the first 8 bytes after the IP header (usually the UDP port numbers). Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command is applicable only when the ip multicast cache-headers command is in effect. Each time that this command is entered, a new buffer is allocated. The summary display (when the detail keyword is omitted) shows the IP packet identifier, time-to-live (TTL) value, source and destination IP addresses, and a local time stamp when the packet was received. The two arguments and one keyword can be used in the same command in any combination. Examples This example shows how to display the contents of the circular cache-header buffer: Router # show ip mpacket smallgroup IP Multicast Header Cache - entry count:6, next index: 7 Key: id/ttl timestamp (name) source group D782/117 7302/113 6CB2/114 D782/117 E2E9/123 1CA7/127 206416.908 206417.908 206417.412 206417.868 206418.488 206418.544 (ABC-xy.company.com) 192.168.228.10 224.5.6.7 (school.edu) 147.12.2.17 224.5.6.7 (MSSRS.company.com) 154.2.19.40 224.5.6.7 (ABC-xy.company.com) 192.168.228.10 224.5.6.7 (Newman.com) 211.1.8.10 224.5.6.7 (teller.company.com) 192.168.6.10 224.5.6.7 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-827 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mpacket Table 2-54 describes the fields shown in the display. Table 2-54 show ip mpacket Field Descriptions Related Commands Field Description entry count Number of packets cached (one packet for each line in the display). The cache has lines numbered from 0 to 1024. next index Index for the next element in the cache. id Identification number of the IP packet. ttl Current TTL of the packet. timestamp Time-stamp sequence number of the packet. (name) DNS name of the source sending to the group. Name appears in parentheses. source IP address of the source sending to the group. group Multicast group address to which the packet is sent. In this example, the group address is the group name smallgroup. Command Description ip multicast cache-headers Allocates a circular buffer to store IP multicast packet headers that the router receives. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-828 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mroute show ip mroute To display the information about the IP-multicast routing table, use the show ip mroute command. show ip mroute [vrf vrf-name] [{interface interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id} | {{host-name | host-address} [source]} | {active [kbps | {interface-type num}]} | {count | pruned | static | summary}] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number (Optional) Module and port number; see the “Usage Guidelines” section for valid values. null (Optional) Specifies the null interface; the valid value is 0. interface-number port-channel number (Optional) Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 282. vlan vlan-id (Optional) Specifies the VLAN; valid values are from 1 to 4094. host-name | host-address (Optional) Name or IP address as defined in the DNS hosts table. source (Optional) IP address or name of a multicast source. active (Optional) Displays the rate that active sources are sending to multicast groups. kbps (Optional) Minimum rate at which active sources are sending to multicast groups; active sources sending at this rate or greater are displayed. Valid values are from 1 to 4294967295 kbps. count (Optional) Displays the route and packet count information. pruned (Optional) Displays the pruned routes. static (Optional) Displays the static multicast routes. summary (Optional) Displays a one-line, abbreviated summary of each entry in the IP-multicast routing table. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-829 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mroute Usage Guidelines If you omit all optional arguments and keywords, the show ip mroute command displays all entries in the IP-multicast routing table. The show ip mroute active kbps command displays all sources sending at a rate greater than or equal to kbps. The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. The port-channel number values are from 257 to 282 are supported on the CSM and the FWSM only. The multicast routing table is populated by creating source, group (S,G) entries from star, group (*,G) entries. The star refers to all source addresses, the “S” refers to a single source address, and the “G” is the destination multicast group address. In creating (S,G) entries, the software uses the best path to that destination group that is found in the unicast routing table (through RPF). Examples This example shows how to display all entries in the IP-multicast routing table: Router# show ip mroute 224.1.1.1 IP Multicast Routing Table Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running, A - Candidate MSDP Advertisement, U - URD, I - Received Source Specific Host Report, Z - Multicast Tunnel Y - Joined MDT-data group, y - Sending to MDT-data group, s - SSM Outgoing interface flags: H - Hardware switched Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode (*, 224.1.1.1), 00:00:07/00:02:59, RP 2.0.0.1, flags: BC Bidir-Upstream: Null, RPF nbr 0.0.0.0, RPF-MFD Outgoing interface list: Vlan202, Forward/Sparse-Dense, 00:00:07/00:02:59, H Router# This example shows how to display the rate that active sources are sending to multicast groups and to display only active sources sending at greater than the default rate: Router# show ip mroute active Active IP Multicast Sources - sending >= 4 kbps Group: 224.2.127.254, (sdr.cisco.com) Source: 146.137.28.69 (mbone.ipd.anl.gov) Rate: 1 pps/4 kbps(1sec), 4 kbps(last 1 secs), 4 kbps(life avg) Group: 224.2.201.241, ACM 97 Source: 130.129.52.160 (webcast3-e1.acm97.interop.net) Rate: 9 pps/93 kbps(1sec), 145 kbps(last 20 secs), 85 kbps(life avg) Group: 224.2.207.215, ACM 97 Source: 130.129.52.160 (webcast3-e1.acm97.interop.net) Rate: 3 pps/31 kbps(1sec), 63 kbps(last 19 secs), 65 kbps(life avg) Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-830 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mroute This example shows how to display the information about the route and packet count: Router# show ip mroute count IP Multicast Statistics 56 routes using 28552 bytes of memory 13 groups, 3.30 average sources per group Forwarding Counts:Pkt Count/Pkts per second/Avg Pkt Size/Kilobits per second Other counts:Total/RPF failed/Other drops(OIF-null, rate-limit etc) Group:224.2.136.89, Source count:1, Group pkt count:29051 Source:132.206.72.28/32, Forwarding:29051/-278/1186/0, Other:85724/8/56665 Router# This example shows how to display summary information: Router# show ip mroute summary IP Multicast Routing Table Flags: D - Dense, S - Sparse, s - SSM Group, C - Connected, L - Local, P - Pruned, R - RP-bit set, F - Register flag, T - SPT-bit set, J - Join SPT, M - MSDP created entry, X - Proxy Join Timer Running A - Advertised via MSDP, U - URD, I - Received Source Specific Host Report Outgoing interface flags: H - Hardware switched Timers: Uptime/Expires Interface state: Interface, Next-Hop or VCD, State/Mode Router# Table 2-55 describes the fields that are shown in the example. Table 2-55 show ip mroute Field Descriptions Field Description Flags: Information about the entry. D - Dense Entry is operating in dense mode. S - Sparse Entry is operating in sparse mode. s - SSM Group Entry is a member of an SSM group. C - Connected Member of the multicast group is present on the directly connected interface. L - Local Router is a member of the multicast group. P - Pruned Route has been pruned. This information is retained in case a downstream member wants to join the source. R - Rp-bit set Status of whether the (S,G) entry is pointing toward the route processor. This field shows a prune state along the shared tree for a particular source. F - Register flag Status of whether the software is registering for a multicast source. T - SPT-bit set Status of whether the packets have been received on the shortest-path tree. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-831 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mroute Table 2-55 show ip mroute Field Descriptions (continued) Field J - Join SPT Description For (*, G) entries, indicates that the rate of traffic flowing down the shared tree is exceeding the SPT-Threshold that is set for the group. (The default SPT-Threshold setting is 0 kbps.) When the J - Join SPT flag is set, the next (S,G) packet that is received down the shared tree triggers an (S,G) join in the direction of the source causing the router to join the source tree. For (S,G) entries, indicates that the entry was created because the SPT-Threshold for the group was exceeded. When the J - Join SPT flag is set for (S,G) entries, the router monitors the traffic rate on the source tree and attempts to switch back to the shared tree for this source if the traffic rate on the source tree falls below the group’s SPT-Threshold for more than 1 minute. The router measures the traffic rate on the shared tree and compares the measured rate to the group’s SPT-Threshold once every second. If the traffic rate exceeds the SPT-Threshold, the J - Join SPT flag is set on the (*, G) entry until the next measurement of the traffic rate. The flag is cleared when the next packet arrives on the shared tree and a new measurement interval is started. If the default SPT-Threshold value of 0 Kbps is used for the group, the J - Join SPT flag is always set on (*, G) entries and is never cleared. When the default SPT-Threshold value is used, the router immediately switches to the shortest-path tree when traffic from a new source is received. Bidir-Upstream: Null, RPF nbr 0.0.0.0, RPF-MFD Interface that is used to reach the PIM route processor. Set to Null if the router is the PIM route processor or if no route exists to the PIM route processor. Outgoing interface flags: Information about the outgoing entry. H - Hardware switched Entry is hardware switched. Timers: Uptime/Expires. Interface state: Interface, Next-Hop or VCD, State/Mode. (*, 224.0.255.1) (198.92.37.100/32, 224.0.255.1) Entry in the IP-multicast routing table. The entry consists of the IP address of the source router followed by the IP address of the multicast group. An asterisk (*) in place of the source router indicates all sources. Entries in the first format are referred to as (*,G) or “star comma G” entries. Entries in the second format are referred to as (S,G) or “S comma G” entries. (*,G) entries are used to build (S,G) entries. uptime Hours, minutes, and seconds that the entry has been in the IP-multicast routing table. expires Hours, minutes, and seconds until the entry is removed from the IP-multicast routing table on the outgoing interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-832 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mroute Table 2-55 show ip mroute Field Descriptions (continued) Related Commands Field Description RP Address of the route processor. For routers and access servers operating in sparse mode, this address is always 0.0.0.0. flags: Information about the entry. Incoming interface: Expected interface for a multicast packet from the source. If the packet is not received on this interface, it is discarded. RPF neighbor IP address of the upstream router to the source. Tunneling indicates that this router is sending data that is encapsulated in register packets to the route processor. The hexadecimal number in parentheses indicates to which route processor it is registering. Each bit indicates a different route processor if multiple route processors per group are used. Dvmrp or Mroute Status of whether the RPF information is obtained from the DVMRP routing table or the static mroute configuration. Outgoing interface list: Interfaces through which packets are forwarded. When you enable the ip pim nbma-mode command on the interface, the IP address of the PIM neighbor is also displayed. Ethernet0 Name and number of the outgoing interface. Next hop or VCD Next hop specifies the downstream neighbor’s IP address. VCD specifies the virtual-circuit descriptor number. VCD0 indicates that the group is using the static-map virtual circuit. Forward/Dense Status of whether the packets are forwarded on the interface if there are no restrictions due to access lists or the TTL threshold. Following the slash (/), the mode in which the interface is operating (dense or sparse). Forward/Sparse Sparse mode interface is in forward mode. time/time (uptime/expiration time) Per interface, the duration in hours, minutes, and seconds that the entry has been in the IP-multicast routing table. Specifies that following the slash (/), the duration in hours, minutes, and seconds until the entry is removed from the IP-multicast routing table. Command Description ip multicast-routing Enables IP multicast routing. ip pim Enables PIM on an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-833 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mroute bidirectional show ip mroute bidirectional To display Bidir information from the IP-multicast routing table, use the show ip mroute bidirectional command. show ip mroute bidirectional [{interface interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id} | {{host-name | host-address} [source]} | {active [kbps | {interface-type num}]} | {count | pruned | static | summary}] Syntax Description interface (Optional) Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. null interface-number Specifies the null interface; the valid value is 0. port-channel number Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 282. vlan vlan-id Specifies the VLAN; valid values are from 1 to 4094. host-name | host-address (Optional) Name or IP address as defined in the DNS hosts table. source (Optional) IP address or name of a multicast source. active (Optional) Displays the rate that active sources are sending to multicast groups. kbps (Optional) Minimum rate at which active sources are sending to multicast groups; active sources sending at this rate or greater are displayed. Valid values are from 1 to 4294967295 kbps. count (Optional) Displays the route and packet count. pruned (Optional) Displays the pruned routes. static (Optional) Displays the static multicast routes. summary (Optional) Displays a one-line, abbreviated summary of each entry in the IP-multicast routing table. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-834 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip mroute bidirectional Usage Guidelines If you omit all optional arguments and keywords, the mroute bidirectional command displays all entries in the IP-multicast routing table. Examples This example shows how to display the information in the IP-multicast routing table that is related to bidirectional PIM: Router# show ip mroute bidirectional (*, 225.1.3.0), 00:00:02/00:02:57, RP 3.3.3.3, flags:BC Bidir-Upstream:GigabitEthernet2/1, RPF nbr 10.53.1.7, RPF-MFD Outgoing interface list: GigabitEthernet2/1, Bidir-Upstream/Sparse-Dense, 00:00:02/00:00:00,H Vlan30, Forward/Sparse-Dense, 00:00:02/00:02:57, H (*, 225.1.2.0), 00:00:04/00:02:55, RP 3.3.3.3, flags:BC Bidir-Upstream:GigabitEthernet2/1, RPF nbr 10.53.1.7, RPF-MFD Outgoing interface list: GigabitEthernet2/1, Bidir-Upstream/Sparse-Dense, 00:00:04/00:00:00,H Vlan30, Forward/Sparse-Dense, 00:00:04/00:02:55, H (*, 225.1.4.1), 00:00:00/00:02:59, RP 3.3.3.3, flags:BC Bidir-Upstream:GigabitEthernet2/1, RPF nbr 10.53.1.7, RPF-MFD Outgoing interface list: GigabitEthernet2/1, Bidir-Upstream/Sparse-Dense, 00:00:00/00:00:00,H Vlan30, Forward/Sparse-Dense, 00:00:00/00:02:59, H Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-835 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip msdp count show ip msdp count To display the number of sources and groups that originated in MSDP source-active messages and the number of source-active messages from an MSDP peer in the source-active cache, use the show ip msdp count command. show ip msdp [vrf vrf-name] count [as-number] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. as-number (Optional) Number of sources and groups that originated in source-active messages from the specified autonomous system number. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You must enter the ip msdp cache-sa-state command for this command to obtain any output from the show ip msdp command. Examples This example shows how to display the number of sources and groups that originated in MSDP source-active messages and the number of source-active messages from an MSDP peer in the source-active cache: Router# show ip msdp count SA State per Peer Counters, : <# SA learned> 224.135.250.116: 24 172.16.240.253: 3964 172.16.253.19: 10 172.16.170.110: 11 SA State per ASN Counters, : <# sources>/<# groups> Total entries: 4009 ?: 192/98, 9: 1/1, 14: 107/57, 17: 7/5 18: 4/3, 25: 23/17, 26: 39/27, 27: 2/2 32: 19/7, 38: 2/1, 52: 4/4, 57: 1/1 68: 4/4, 73: 12/8, 81: 19/1, 87: 9/6 . . . Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-836 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip msdp count Table 2-56 describes the fields shown in the display. Table 2-56 show ip msdp count Field Descriptions Related Commands Field Description 224.135.250.116: 24 MSDP peer with IP address 224.135.250.116: 24 source-active messages from the MSDP peer in the source-active cache. Total entries Total number of source-active entries in the source-active cache. 9: 1/1 Autonomous system 9: 1 source/1 group. Command Description ip msdp cache-sa-state Creates a source-active state on the router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-837 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip msdp peer show ip msdp peer To display detailed information about the MSDP peer, use the show ip msdp peer command. show ip msdp [vrf vrf-name] peer [peer-address | peer-name] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. peer-address | peer-name (Optional) DNS name or IP address of the MSDP peer for which information is displayed. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display detailed information about the MSDP peer: Router# show ip msdp peer 224.135.250.116 MSDP Peer 224.135.250.116 (rtp5-rp1.cisco.com), AS 109 (configured AS) Description: Connection status: State: Up, Resets: 9, Connection source: Loopback2 (228.69.199.17) Uptime(Downtime): 1d10h, Messages sent/received: 436765/429062 Output messages discarded: 0 Connection and counters cleared 1w2d ago SA Filtering: Input (S,G) filter: none, route-map: none Input RP filter: none, route-map: none Output (S,G) filter: none, route-map: none Output RP filter: none, route-map: none SA-Requests: Input filter: none Sending SA-Requests to peer: disabled Peer ttl threshold: 0 SAs learned from this peer: 32, SAs limit: 500 Input queue size: 0, Output queue size: 0 Table 2-57 describes the fields shown in the display. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-838 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip msdp peer Table 2-57 show ip msdp peer Field Descriptions Related Commands Field Description MSDP Peer IP address of the MSDP peer. AS Autonomous system to which the MSDP peer belongs. State: State of the MSDP peer. Connection source: Interface used to obtain the IP address for the TCP local connection address. Uptime(Downtime): Days and hours that the MSDP peer is up or down. If the time is less than 24 hours, it is shown in hours:minutes:seconds. Messages sent/received: Number of source-active messages sent to the MSDP peer/number of source-active messages received from the MSDP peer. SA Filtering: Information regarding access list filtering of source-active input and output if any. SA-Requests: Information regarding access list filtering of source-active requests if any. SAs learned from this peer: Number of source-active messages from the MSDP peer in the source-active cache. SAs limit: Source-active message limit for this MSDP peer. Command Description ip msdp peer Configures an MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-839 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip msdp sa-cache show ip msdp sa-cache To display the (S,G) state that is learned from MSDP peers, use the show ip msdp sa-cache command. show ip msdp [vrf vrf-name] sa-cache [group-address | source-address | group-name | source-name] [group-address | source-address | group-name | source-name] [as-number] Syntax Description vrf vrf-name (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. group-address | (Optional) Group address, source address, group name, or source source-address | group-name | name of the group or source about which (S,G) information is source-name displayed. as-number (Optional) Only state originated by the autonomous system number specified is displayed. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The state is cached only if you enter the ip msdp cache-sa-state command. If you specify two addresses or names, an (S,G) entry corresponding to those addresses is displayed. If you specify one group address only, all sources for that group are displayed. If no options are specified, the entire source-active cache is displayed. Examples This example shows how to display the (S,G) state that is learned from MSDP peers: Router# show ip msdp sa-cache MSDP Source-Active Cache - 2398 entries (172.16.41.33, 238.105.148.0), RP 172.16.3.111, MBGP/AS 704, 2d10h/00:05:33 (172.16.112.8, 224.2.0.1), RP 192.168.200.65, MBGP/AS 10888, 00:03:21/00:02:38 (172.16.10.13, 227.37.32.1), RP 192.168.3.92, MBGP/AS 704, 05:22:20/00:03:32 (172.16.66.18, 233.0.0.1), RP 192.168.3.111, MBGP/AS 704, 2d10h/00:05:35 (172.16.66.148, 233.0.0.1), RP 192.168.3.111, MBGP/AS 704, 2d10h/00:05:35 (172.16.10.13, 227.37.32.2), RP 192.168.3.92, MBGP/AS 704, 00:44:30/00:01:31 (172.16.70.203, 224.2.236.2), RP 192.168.253.7, MBGP/AS 3582, 02:34:16/00:05:49 (172.18.42.104, 236.195.56.2), RP 192.168.3.92, MBGP/AS 704, 04:21:13/00:05:22 (172.16.10.13, 227.37.32.3), RP 192.168.3.92, MBGP/AS 704, 00:44:30/00:02:31 (172.18.15.43, 224.0.92.3), RP 192.168.200.65, MBGP/AS 10888, 6d09h/00:05:35 (172.18.15.111, 224.0.92.3), RP 192.168.200.65, MBGP/AS 10888, 16:18:08/00:05:35 (172.18.21.45, 224.0.92.3), RP 192.168.200.65, MBGP/AS 10888, 16:18:08/00:05:35 (172.18.15.75, 224.0.92.3), RP 192.168.200.65, MBGP/AS 10888, 08:40:52/00:05:35 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-840 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip msdp sa-cache (172.18.15.100, 224.0.92.3), RP 192.168.200.65, MBGP/AS 10888, 08:40:52/00:05:35 (172.16.10.13, 227.37.32.6), RP 192.168.3.92, MBGP/AS 704, 00:45:30/00:05:31 (172.18.41.33, 224.247.228.10), RP 192.168.3.111, MBGP/AS 704, 2d10h/00:05:35 (172.18.222.210, 224.2.224.13), RP 192.168.3.92, MBGP/AS 704, 01:51:53/00:05:22 (172.18.41.33, 229.231.124.13), RP 192.168.3.111, MBGP/AS 704, 2d10h/00:05:33 (172.18.32.138, 224.2.200.23), RP 192.168.253.7, MBGP/AS 3582, 21:33:40/00:05:49 (172.18.75.244, 224.2.200.23), RP 192.168.253.7, MBGP/AS 3582, 21:33:40/00:05:49 Table 2-58 describes the fields shown in the display. Table 2-58 show ip msdp sa-cache Field Descriptions Related Commands Field Description (172.16.41.33, 238.105.148.0) First address (source) that is sending to the second address (group). RP 172.16.3.111 Rendezvous point address in the originating domain where the source-active messages started. MBGP/AS 704 Rendezvous point that is in autonomous system 704 according to multiprotocol BGP. 2d10h/00:05:33 Route that has been cached for 2 days and 10 hours. If no source-active message is received in 5 minutes and 33 seconds, the route is removed from the source-active cache. Command Description clear ip msdp sa-cache Clears MSDP source active cache entries. ip msdp cache-sa-state Creates a source-active state on the router. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-841 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip msdp summary show ip msdp summary To display the MSDP peer status, use the show ip msdp summary command. show ip msdp [vrf vrf-name] summary Syntax Description vrf vrf-name Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. This example shows how to display the MSDP peer status: Router# show ip msdp summary MSDP Peer Status Summary Peer Address AS State 224.135.250.116 109 *172.20.240.253 1239 172.16.253.19 109 172.16.170.110 109 Up Up Up Up Uptime/ Reset SA Peer Name Downtime Count Count 1d10h 9 111 rtp5-rp1 14:24:00 5 4010 sl-rp-stk 12:36:17 5 10 shinjuku-rp1 1d11h 9 12 ams-rp1 Table 2-59 describes the fields shown in the display. Table 2-59 show ip msdp summary Field Descriptions Field Description Peer Address IP address of the MSDP peer. AS Autonomous system to which the MSDP peer belongs. State State of the MSDP peer. Uptime/Downtime Days and hours that the MSDP peer is up or down per the state that is shown in the previous column. If the time is less than 24 hours, it is shown in hours:minutes:seconds. SA Count Number of source-active messages from this MSDP peer in the source-active cache. Peer Name Name of the MSDP peer. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-842 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip nhrp show ip nhrp To display information about the NHRP cache, use the show ip nhrp command. show ip nhrp [summary | dynamic | static | incomplete] [{interface-type interface-number} | ip-address] [detail | brief] Syntax Description summary (Optional) Displays a summary of NHRP cache purge information. dynamic (Optional) Displays the dynamic (learned) IP-to-NBMA cache entries only. static (Optional) Displays the static IP-to-NBMA address cache entries only (configured using the ip nhrp map command). incomplete (Optional) Displays information about an incomplete cache. interface-type interface-number (Optional) NHRP cache information for the specified interface type only; see Table 2-60 for types, number ranges, and descriptions. ip-address (Optional) NHRP cache information for the specified IP address only. detail (Optional) Displays detailed information about the NHRP cache. brief (Optional) Displays basic information about the NHRP cache. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Note Table 2-60 lists the valid types, number ranges, and descriptions for the type and number optional arguments. The valid types can vary according to the platform and interfaces on the platform. Table 2-60 Valid Types, Number Ranges, and Interface Descriptions Valid Types Number Ranges Interface Descriptions async 1 Async ctunnel 0 to 2147483647 C-Tunnel dialer 0 to 20049 Dialer fastethernet 0 to 6 Fast Ethernet IEEE 802.3 GigabitEthernet 0 to 6 Gigabit Ethernet IEEE 802.3 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-843 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip nhrp Table 2-60 Valid Types, Number Ranges, and Interface Descriptions (continued) Examples Valid Types Number Ranges Interface Descriptions loopback 0 to 2147483647 Loopback mfr 0 to 2147483647 Multilink Frame Relay bundle multilink 0 to 2147483647 Multilink-group null 0 Null port-channel 1 to 282 EtherChannel of interfaces pos-channel 1 to 4094 PoS channel of interfaces tunnel 0 to 2147483647 Tunnel interfaces vif 1 PGM multicast host tunnel 0 to 2147483647 Tunnel virtual-template 1 to 1000 Virtual template virtual-tokenring 0 to 2147483647 Virtual Token Ring xtagatm Extended tag ATM 0 to 2147483647 This example shows how to display information about the NHRP cache: Router# show ip nhrp 10.0.0.2 255.255.255.255, ATM0/0 created 0:00:43 expire 1:59:16 Type: dynamic Flags: authoritative NBMA address: 11.1111.1111.1111.1111.1111.1111.1111.1111.1111.11 10.0.0.1 255.255.255.255, Tunnel0 created 0:10:03 expire 1:49:56 Type: static Flags: authoritative NBMA address: 11.1.1.2 Table 2-61 describes the fields shown in the display. Table 2-61 show ip nhrp Field Descriptions Field Description 10.0.0.2 255.255.255.255 IP address and its network mask in the IP-to-NBMA address cache. The mask is currently always 255.255.255.255 because aggregation of NBMA information through NHRP is not supported. ATM0/0 created 0:00:43 Interface type and number (in this case, ATM slot and port numbers) and when it was created (hours:minutes:seconds). expire 1:59:16 Time in which the positive and negative authoritative NBMA address will expire (hours:minutes:seconds). This value is based on the ip nhrp holdtime command. Type • dynamic—NBMA address was obtained from the NHRP Request packet. • static—NBMA address was statically configured. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-844 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip nhrp Table 2-61 show ip nhrp Field Descriptions (continued) Field Description Flags NBMA address • authoritative—Indicates that the NHRP information was obtained from the next-hop server or router that maintains the NBMA-to-IP address mapping for a particular destination. • implicit—Indicates that the information was learned not from an NHRP request generated from the local router, but from an NHRP packet being forwarded or from an NHRP request being received by the local router. • negative—For negative caching; indicates that the requested NBMA mapping could not be obtained. Nonbroadcast multiaccess address. The address format is appropriate for the type of network being used (for example, ATM, Ethernet, SMDS, or multipoint tunnel). This example shows how to display basic information about the dynamic (learned) IP-to-NBMA cache entries only for a specific IP address: Router# show ip nhrp dynamic 255.255.255.255 brief Target Via NBMA Mode Related Commands Intfc Claimed Command Description ip nhrp holdtime Changes the number of seconds that NHRP NBMA addresses are advertised as valid in authoritative NHRP responses. ip nhrp map Statically configures the IP-to-NBMA address mapping of IP destinations connected to an MBMA network. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-845 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim bsr-router show ip pim bsr-router To display the BSR information, use the show ip pim bsr-router command. show ip pim vrf vrf-name bsr-router Syntax Description vrf vrf-name Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. Usage Guidelines The output includes elected BSR information and information about the locally configured candidate rendezvous-point advertisement. Examples This example shows how to display the BSR information: Router# show ip pim bsr-router PIMv2 Bootstrap information This system is the Bootstrap Router (BSR) BSR address: 172.16.143.28 Uptime: 04:37:59, BSR Priority: 4, Hash mask length: 30 Next bootstrap message in 00:00:03 seconds Next Cand_RP_advertisement in 00:00:03 seconds. RP: 172.16.143.28(Ethernet0), Group acl: 6 Table 2-62 describes the fields shown in the display. Table 2-62 show ip pim bsr Field Descriptions Field Description BSR address IP address of the bootstrap router. Uptime Length of time that this router has been up, in hours, minutes, and seconds. BSR Priority Priority as configured in the ip pim bsr-candidate command. Hash mask length Length of a mask (32 bits maximum) that is to be ANDed with the group address before the hash function is called. This value is configured in the ip pim bsr-candidate command. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-846 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim bsr-router Table 2-62 show ip pim bsr Field Descriptions (continued) Related Commands Field Description Next bootstrap message in Time in hours, minutes, and seconds in which the next bootstrap message is due from this BSR. Next Cand_RP_advertisement in Time in hours, minutes, and seconds in which the next candidate rendezvous-point advertisement will be sent. RP List of IP addresses of rendezvous points. Group acl Standard IP access list number that defines the group prefixes that are advertised in association with the rendezvous-point address. This value is configured in the ip pim bsr-candidate command. Command Description ip pim bsr-candidate Configures the router to announce its candidacy as a BSR. ip pim rp-candidate Configures the router to advertise itself as a PIM Version 2 rendezvous-point candidate to the BSR. show ip pim rp-hash Displays which rendezvous point is being selected for a specified group. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-847 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim interface df show ip pim interface df To display information about the designated forwarder interface, use the show ip pim interface df command. show ip pim vrf vrf-name interface df [rp-addr] Syntax Description vrf vrf-name Specifies the name that is assigned to the multicast VRF instance. rp-addr (Optional) Hostname or IP address of the designated forwarder. Defaults If you do not specify rp-addr, all designated forwarders are displayed. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the DF interface: Router# show ip pim interface df 10.18.1.31 Interface RP DF Winner Vlan70 10.18.1.31 10.70.1.55 FastEthernet5/5 10.18.1.31 10.16.1.30 FastEthernet5/6 10.18.1.31 10.18.1.31 Router# Metric 0 0 0 Uptime 14:16:24 14:16:24 14:16:24 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-848 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim mdt bgp show ip pim mdt bgp To display the detailed BGP advertisement of the route distinguisher for the MDT default group, use the show ip pim mdt bgp command. show ip pim vrf vrf-name mdt bgp Syntax Description vrf vrf-name Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples Specifies the name that is assigned to the multicast VRF instance. This example shows how to display the detailed BGP advertisement of the route distinguisher for the MDT default group: Router# show ip pim mdt bgp MDT-default group 232.2.1.4 rid:1.1.1.1 next_hop:1.1.1.1 Table 2-63 describes the fields shown in the display. Table 2-63 show ip pim mdt bgp Field Descriptions Field Description MDT-default group MDT default groups that have been advertised to this router. rid:10.1.1.1 BGP router ID of the advertising router. next_hop:10.1.1.1 BGP next-hop address that was contained in the advertisement. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-849 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim mdt history show ip pim mdt history To display the information on data MDTs that have been reused, use the show ip pim mdt history command. show ip pim vrf vrf-name mdt history interval minutes Syntax Description vrf vrf-name Specifies the name that is assigned to the multicast VRF instance. interval minutes Specifies the length of time, in minutes, for which the interval can be configured; valid values are from 1 to 71582 minutes (the maximum is 71582 minutes or 7 weeks). Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The show ip pim mdt history command displays the data MDTs that have been reused during the past configured interval. Examples This example shows how to display the information on data MDTs that have been reused: Router# show ip pim vrf blue mdt history interval 20 MDT-data send history for VRF - blue for the past 20 minutes MDT-data group 10.9.9.8 10.9.9.9 Number of reuse 3 2 Table 2-64 describes the fields shown in the display. Table 2-64 show ip pim mdt history Field Descriptions Field Description MDT-data group MDT data group for which information is being shown. Number of reuse Number of data MDTs that have been reused in this group. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-850 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim mdt receive show ip pim mdt receive To display the data MDT advertisements that are received by a specified router, use the show ip pim mdt receive command. show ip pim vrf vrf-name mdt receive [detail] Syntax Description vrf vrf-name Specifies the name that is assigned to the multicast VRF instance. detail (Optional) Provides a detailed description of the data MDT advertisements that are received. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines When a router wants to switch over from the default MDT to a data MDT, it advertises the VRF source, the group pair, and the global multicast address over which the traffic will be sent. If the remote router wants to receive this data, then the remote router joins this global address multicast group. Examples This example shows how to display the data MDT advertisements that are received by a specified router: Router# show ip pim vrf vpn8 mdt receive detail Joined MDT-data groups for VRF:vpn8 group:232.2.8.0 source:10.0.0.100 ref_count:13 (10.101.8.10, 225.1.8.1), 1d13h/00:03:28/00:02:26, OIF count:1, flags:TY (10.102.8.10, 225.1.8.1), 1d13h/00:03:28/00:02:27, OIF count:1, flags:TY Table 2-65 describes the fields shown in the display. Table 2-65 show ip pim mdt receive Field Descriptions Field Description group:172.16.8.0 Group that caused the data MDT to be built. source:10.0.0.100 VRF source that caused the data MDT to be built. ref_count:13 Number of source and group pairs that are reusing this data MDT. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-851 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim mdt receive Table 2-65 show ip pim mdt receive Field Descriptions (continued) Field Description OIF count:1 Number of interfaces out of which this multicast data is being forwarded. flags: Information about the entry: A - Candidate MSDP advertisement B - Bidir group D - Dense C - Connected F - Register flag I - Received source-specific host report J - Join SPT L - Local M - MSDP-created entry P - Pruned R - RP bit set S - Sparse s - SSM group T - SPT bit set X - Proxy join timer running U -URD Y - Joined MDT data group y - Sending to MDT data group Z - Multicast tunnel Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-852 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim mdt send show ip pim mdt send To display the data MDT advertisements that a specified router has made, use the show ip pim mdt send command. show ip pim vrf vrf-name mdt send Syntax Description vrf vrf-name Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Specifies the name that is assigned to the multicast VRF instance. Usage Guidelines Use this command to show the data MDT advertisements that a specified router has made. Examples This example shows how to display the data MDT advertisements that a specified router has made: Router# show ip pim mdt send MDT-data send list for VRF:vpn8 (source, group) (10.100.8.10, 225.1.8.1) (10.100.8.10, 225.1.8.2) (10.100.8.10, 225.1.8.3) (10.100.8.10, 225.1.8.4) (10.100.8.10, 225.1.8.5) (10.100.8.10, 225.1.8.6) (10.100.8.10, 225.1.8.7) (10.100.8.10, 225.1.8.8) (10.100.8.10, 225.1.8.9) (10.100.8.10, 225.1.8.10) MDT-data group 232.2.8.0 232.2.8.1 232.2.8.2 232.2.8.3 232.2.8.4 232.2.8.5 232.2.8.6 232.2.8.7 232.2.8.8 232.2.8.9 ref_count 1 1 1 1 1 1 1 1 1 1 Table 2-66 describes the fields shown in the display. Table 2-66 show ip pim mdt send Field Descriptions Field Description source, group Source and group addresses that this router has switched over to data MDTs. MDT-data group Multicast address over which these data MDTs are being sent. ref_count Number of source and group pairs that are reusing this data MDT. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-853 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim neighbor show ip pim neighbor To display the list that the PIM neighbors discovered, use the show ip pim neighbor command. show ip pim vrf vrf-name neighbor [interface-type interface-number] Syntax Description vrf vrf-name Specifies the name that is assigned to the multicast VRF instance. interface-type (Optional) Interface type. interface-number Interface number. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use this command to determine which routers on the LAN are configured for PIM. Examples This example shows how to display the list that the PIM neighbors discovered: Router# show ip pim neighbor PIM Neighbor Table Neighbor Address Interface 192.168.37.2 Ethernet0 192.168.37.33 Ethernet0 192.168.36.131 Ethernet1 192.168.36.130 Ethernet1 10.1.22.9 Tunnel0 Uptime Expires 17:38:16 0:01:25 17:33:20 0:01:05 17:33:20 0:01:08 18:56:06 0:01:04 19:14:59 0:01:09 Mode Dense Dense (DR) Dense (DR) Dense Dense Table 2-67 describes the fields shown in the display. Table 2-67 show ip pim neighbor Field Descriptions Field Description Neighbor Address IP address of the PIM neighbor. Interface Interface type and number on which the neighbor is reachable. Uptime Time in hours, minutes, and seconds that the entry has been in the PIM neighbor table. Expires Time in hours, minutes, and seconds until the entry will be removed from the IP multicast routing table. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-854 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim neighbor Table 2-67 show ip pim neighbor Field Descriptions (continued) Related Commands Field Description Mode Mode in which the interface is operating. (DR) Status of whether this neighbor is a designated router on the LAN. Command Description ip pim state-refresh disable Disables the processing and forwarding of PIM dense-mode refresh-control messages on a PIM router. ip pim state-refresh origination-interval Configures the origination of and the interval for PIM dense-mode state-refresh control messages on a PIM router. show ip pim interface df Displays information about the designated forwarder interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-855 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim rp-hash show ip pim rp-hash To display which rendezvous point is being selected for a specified group, use the show ip pim rp-hash command. show ip pim vrf vrf-name rp-hash {group-address | group-name} Syntax Description vrf vrf-name Specifies the name that is assigned to the multicast VRF instance. group-address | group-name Rendezvous-point information for the specified group address or name as defined in the DNS hosts table. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines This command displays which rendezvous point was selected for the group specified. It also shows whether this rendezvous point was selected by Auto-RP or the PIM Version 2 bootstrap mechanism. Examples This example shows how to display which rendezvous point is being selected for a specified group: Router# show ip pim rp-hash 239.1.1.1 RP 172.16.24.12 (mt1-47a.cisco.com), v2 Info source: 172.16.24.12 (mt1-47a.cisco.com), via bootstrap Uptime: 05:15:33, expires: 00:02:01 Table 2-68 describes the fields shown in the display. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-856 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim rp-hash Table 2-68 show ip pim rp-hash Field Descriptions Field Description RP 172.16.24.12 (mt1-47a.cisco.com), v2 Address of the rendezvous point for the group specified (239.1.1.1). The DNS name of the rendezvous point within the parentheses. If the address of the rendezvous point is not registered in the DNS, a question mark (?) is displayed. PIM Version 2 is configured. Info source: 172.16.24.12 (mt1-47a.cisco.com), via bootstrap System from which the router learned this rendezvous-point information and the DNS name of the source. The rendezvous point was selected by the bootstrap mechanism. In this case, the BSR is also the rendezvous point. Uptime Length of time (in hours, minutes, and seconds) that the router has known about this rendezvous point. expires Time (in hours, minutes, and seconds) after which the information about this rendezvous point expires. If the router does not receive any refresh messages in this time, it discards information about this rendezvous point. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-857 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim rp mapping show ip pim rp mapping To display the mappings for the PIM group to the active rendezvous points, use the show ip pim rp mapping command. show ip pim vrf vrf-name rp mapping [rp-address] Syntax Description vrf vrf-name Specifies the name that is assigned to the multicast VRF instance. rp-address (Optional) Rendezvous-point IP address. Defaults If you do not specify an rp-address, the mappings for all the active rendezvous points are displayed. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the mappings for the PIM group to the active rendezvous points: Router# show ip pim rp mapping PIM Group-to-RP Mappings This system is an RP-mapping agent Group(s) 224.1.0.0/16 RP 6.6.6.6 (?), v2v1 Info source: 6.6.6.6 (?), elected via and the elected RP. Uptime: 22:36:49, expires: 00:02:04 Group(s) 225.2.2.0/24 RP 9.9.9.9 (?), v2v1, bidir Info source: 9.9.9.9 (?), elected via Uptime: 22:36:20, expires: 00:02:37 Group(s) 226.2.2.0/24 RP 2.2.2.2 (?), v2v1, bidir Info source: 2.2.2.2 (?), elected via Uptime: 22:36:24, expires: 00:02:29 Group(s) 227.2.2.0/24 RP 9.9.9.9 (?), v2v1, bidir Info source: 9.9.9.9 (?), elected via Uptime: 22:36:21, expires: 00:02:35 Router# Auto-RP ---> learned via Auto-RP Auto-RP Auto-RP Auto-RP Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-858 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim rp mapping Table 2-69 describes the fields that are shown in the example. Table 2-69 show ip pim rp mapping Field Descriptions Field Description Info source ACL number. Static Group-to-mapping information from the static rendezvous-point configuration. Bidir Mode Status of whether the rendezvous point is operating in bidirectional mode. RP Address of the rendezvous point for that group. (?) Status that shows no Domain Name System (DNS) name has been specified. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-859 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim snooping show ip pim snooping To display the information about IP PIM snooping, use the show ip pim snooping command. show ip pim snooping show ip pim snooping vlan vlan-id [neighbor | mac-group | statistics | mroute [{src-ip | group-ip}]] Syntax Description vlan vlan-id Displays information for a specific VLAN; valid values are from 1 to 4094. neighbor (Optional) Displays information about the neighbor database. mac-group (Optional) Displays information about the GDA database in Layer 2. statistics (Optional) Displays information about the VLAN statistics. mroute (Optional) Displays information about the mroute database. src-ip (Optional) Source IP address. group-ip (Optional) Group IP address. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the information about the global status: Router# show ip pim snooping Global runtime mode: Enabled Global admin mode : Enabled Number of user enabled VLANs: 1 User enabled VLANs: 10 Router# This example shows how to display the information about a specific VLAN: Router# show ip pim snooping vlan 10 3 neighbors (0 DR priority incapable, 0 Bi-dir incapable) 6 mroutes, 3 mac entries DR is 10.10.10.4 RP DF Set Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-860 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim snooping This example shows how to display the information about the neighbor database for a specific VLAN: Router# show ip pim snooping vlan 10 neighbor IP Address Mac address Port Uptime/Expires Flags 10.10.10.2 000a.f330.344a 3/13 00:09:57/00:01:22 10.10.10.1 000a.f330.334a 3/12 00:09:44/00:01:21 10.10.10.4 000a.f330.3c00 15/01 00:09:57/00:01:22 DR Number of Neighbors = 3 Router# This example shows how to display the information about the GDA database for a specific VLAN in Layer 2: Router# show ip pim snooping vlan 10 mac-group Mac address Group address Uptime/Expires 0100.5e01.6465 224.1.100.101 00:20:26/00:02:43 0100.5e01.6464 224.1.100.100 00:20:28/00:02:41 0100.5e00.0128 224.0.1.40 00:20:27/00:02:47 Number of mac-groups = 3 Router# Outgoing Ports 3/12 3/13 15/1 3/12 3/13 15/1 3/12 3/13 15/1 This example shows how to display the detailed statistics for a specific VLAN: Router# show ip pim snooping vlan 10 statistics PIMv2 statistics for vlan 10: Hello : 811 Join/Prunes : 1332 RP DF Election : 0 Asserts : 133 Other types : 0 Hello Hello Hello Hello Hello Hello Hello Hello Hello Error Error Error Error option holdtime [1] option Generation ID[20] option DR priority[19] option Bi-dir capable[22] option Fast Hold[65005] option Lan Prune Delay[2] option Tag switching [17] option PIM-DM State Refresh[21] option Deprecated Cisco DR priority[18] - Hello length too short - Hello hold option missing - Hello option length - Hello option unknown : : : : : : : : : : : : : 811 544 544 0 0 0 0 544 0 0 0 0 0 Error Error Error Error - : : : : 0 0 0 0 Join/Prune Join/Prune Join/Prune Join/Prune Address Family Parser malloc failure Unknown up/down neighbor Malformed packet discards Error - RPDF election Address Family Error - RPDF Unknown up/down neighbor : 0 : 0 Error - Generic packet input error Router# : 0 This example shows how to display the information about the mroute database for all mrouters in a specific VLAN: Router# show ip pim snooping vlan 10 mroute Number of Mroutes = 6 Flags: J/P - (*,G) Join/Prune, j/p - (S,G) Join/Prune SGR-P - (S,G,R) Prune Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-861 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim snooping (*, 224.1.100.101), 00:16:14/00:02:58 10.10.10.1->10.10.10.2, 00:16:14/00:02:58, J Downstream ports: 3/12 Upstream ports: 3/13 Outgoing ports: 3/12 3/13 (*, 224.1.100.100), 00:16:16/00:02:56 10.10.10.1->10.10.10.2, 00:16:16/00:02:56, J Downstream ports: 3/12 Upstream ports: 3/13 Outgoing ports: 3/12 3/13 (10.10.10.2, 224.0.1.40), 00:16:10/00:03:03 10.10.10.1->10.10.10.2, 00:16:10/00:03:03, SGR-P Downstream ports: Upstream ports: 3/13 Outgoing ports: 3/13 (*, 224.0.1.40), 00:16:16/00:03:02 10.10.10.1->10.10.10.2, 00:16:16/00:03:02, J Downstream ports: 3/12 Upstream ports: 3/13 Outgoing ports: 3/12 3/13 (*, 224.10.10.10), 00:02:23/00:01:06 Downstream ports: Upstream ports: Outgoing ports: 3/12 3/13 (123.123.123.123, 224.10.10.10), 00:02:23/00:01:06 10.10.10.1->10.10.10.2, 00:02:23/00:01:06, j Downstream ports: 3/12 Upstream ports: 3/13 Outgoing ports: 3/12 3/13 Router# This example shows how to display the information about the PIM mroute for a specific source address: Router# show ip pim snooping vlan 10 mroute 224.1.100.100 (*, 224.1.100.100), 00:16:36/00:02:36 10.10.10.1->10.10.10.2, 00:16:36/00:02:36, J Downstream ports: 3/12 Upstream ports: 3/13 Outgoing ports: 3/12 3/13 Router# This example shows how to display the information about the PIM mroute for a specific source and group address: Router# show ip pim snooping vlan 10 mroute 123.123.123.123 224.10.10.10 (123.123.123.123, 224.10.10.10), 00:03:04/00:00:25 10.10.10.1->10.10.10.2, 00:03:04/00:00:25, j Downstream ports: 3/12 Upstream ports: 3/13 Outgoing ports: 3/12 3/13 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-862 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip pim snooping Related Commands Command Description ip pim snooping (global configuration mode) Enables PIM snooping globally. ip pim snooping (interface configuration mode) Enables PIM snooping on an interface. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-863 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip rpf events show ip rpf events To display the triggered RPF statistics, use the show ip rpf events command. show ip rpf [vrf vrf-name] events Syntax Description vrf vrf-name Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples (Optional) Specifies the name that is assigned to the multicast VPN routing and forwarding (VRF) instance. This example shows how to display the triggered RPF statistics: Router# show ip rpf events Last 15 triggered multicast RPF check events RPF backoff delay: 500 msec RPF maximum delay: 5 sec DATE/TIME BACKOFF PROTOCOL EVENT RPF CHANGES Jan 1 00:00:55.643 500 msec EIGRP Route UP 0 Jan 1 00:00:07.283 1000 sec Connected Route UP 0 Jan 1 00:00:06.283 500 msec Connected Route UP 0 Router# Related Commands Command Description ip multicast rpf backoff Sets the PIM-backoff interval. ip multicast rpf interval Sets the RPF consistency-check interval. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-864 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip wccp show ip wccp To display the WCCP statistics, use the show ip wccp command. show ip wccp [{service-number | web-cache} [detail | view]] Syntax Description service-number (Optional) Identification number of the cache engine service group being controlled by a router; valid values are from 0 to 99. web-cache (Optional) Directs the router to display statistics for the web-cache service. detail (Optional) Displays information for the router and all cache engines in the currently configured cluster. view (Optional) Displays which other members of a particular service group have or have not been detected. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the show ip wccp service-number command to provide the “Total Packets Redirected” count. The “Total Packets Redirected” count is the number of flows, or sessions, that are redirected. Use the show ip wccp service-number detail command to provide the “Packets Redirected” count. The “Packets Redirected” count is the number of flows, or sessions, that are redirected. Use the show ip wccp web-cache detail command to provide an indication of how many flows, rather than packets, are using Layer 2 redirection. For cache-engine clusters using Cisco cache engines, the reverse proxy service-number is indicated by a value of 99. Use the clear ip wccp command to reset the counter for the “Packets Redirected” information. For additional information on the IP WCCP commands, refer to the “Configuring Web Cache Services Using WCCP” section in the Cisco IOS Configuration Fundamentals Configuration Guide. Examples This example shows how to display the connected cache engine using Layer 2 redirection: Router# show ip wccp web-cache detail WCCP Cache-Engine information: IP Address: 10.11.1.1 Protocol Version: 2.0 State: Usable Redirection: L2 Initial Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-865 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ip wccp Assigned Hash Info: Hash Allotment: Packets Redirected: Connect Time: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 256 (100.00%) 10273 17:05:44 Table 2-70 describes the fields that are shown in the example. Table 2-70 show ip wccp web-cache detail Command Output Fields Field Description WCCP Cache-Engine information Header for the area that contains fields for the IP address and version of WCCP that is associated with the router that is connected to the cache engine in the service group. IP Address IP address of the router that is connected to the cache engine in the service group. Protocol Version Version of WCCP that is used by the router in the service group. WCCP Cache-Engine information Fields for information on cache engines. Related Commands IP Address IP address of the cache engine in the service group. Protocol Version Version of WCCP that is used by the cache engine in the service group. State Status of whether the cache engine is operating properly and can be contacted by a router and other cache engines in the service group. Initial Hash Info Initial state of the hash-bucket assignment. Assigned Hash Info Current state of the hash-bucket assignment. Hash Allotment Percentage of buckets that is assigned to the current cache engine. Both a value and a percent figure are displayed. Packets Redirected Number of flows or sessions that have been redirected to the cache engine. Connect Time Amount of time that it takes for the cache engine to connect to the router. Command Description clear ip wccp Removes WCCP statistics (counts) maintained on the router for a particular service. ip wccp Directs a router to enable or disable the support for a cache engine service group. ip wccp redirect Enables packet redirection on an outbound or inbound interface using WCCP. ip wccp web-cache accelerated Enables the hardware acceleration for WCCP version 1. show ip interface Displays the usability status of interfaces that are configured for IP. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-866 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipv6 mfib show ipv6 mfib To display the forwarding entries and interfaces in the IPv6 MFIB, use the show ipv6 mfib command. show ipv6 mfib [{group-ip-addr/prefix-length | group-name | group-address [source-name | source-address]} | {active kbps} | count | interface | status | summary | verbose] show ipv6 mfib [link-local [active [kbps] | count | verbose]] Syntax Description group-ip-addr/prefix-length (Optional) Group IPv6 address/prefix length for the IPv6 network assigned to the interface. group-name (Optional) Multicast group name. group-address (Optional) Group IPv6 address. source-name (Optional) Source name. source-address (Optional) Source IP address. active kbps (Optional) Displays the rate at which active sources are sending to multicast groups; valid values are from 0 to 4294967295 kilobits per second. count (Optional) Displays information about the route and packet count. interface (Optional) Displays information about the interface settings and status. status (Optional) Displays information about the general settings and status. summary (Optional) Displays information about the summary statistics. verbose (Optional) Displays additional information such as the MAC encapsulation header and platform-specific information. link-local (Optional) Displays the link-local groups. Defaults prefix-length is 128. Command Modes User EXEC or Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines Use the show ipv6 mfib command to display MFIB entries, forwarding interfaces, and their traffic statistics. This command can be enabled on virtual IP (VIP) if the router is operating in distributed mode. Use the show ipv6 mfib active command to display MFIB entries actively used to forward packets. In many cases, it is useful to provide the optional kbps argument to display the set of entries that are forwarding an amount of traffic larger or equal to the amount set by the kbps argument. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-867 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipv6 mfib Use the show ipv6 mfib count command to display the average packet size and data rate in kilobits per seconds. The prefix-length is the length of the IPv6 prefix. A decimal value that indicates how many of the high-order contiguous bits of the address comprise the prefix (the network portion of the address). A slash mark must precede the decimal value. A forwarding entry in the MFIB has flags that determine the default forwarding and signaling behavior to use for packets matching the entry. The entry also has per-interface flags that further specify the forwarding behavior for packets received or forwarded on specific interfaces. Table 2-71 describes the MFIB forwarding entries and interface flags. Table 2-71 MFIB Forwarding Entries and Interface Flags Examples Flag Description F Forward—Data is forwarded out of this interface. A Accept—Data received on this interface is accepted for forwarding. IC Internal copy—Deliver a copy of the packets received or forwarded on this interface to the router. NS Negate signal—Reverse the default entry signaling behavior for packets received on this interface. DP Do not preserve—When signaling the reception of a packet on this interface, do not preserve a copy of it (discard it instead). SP Signal present—The reception of a packet on this interface was just signaled. S Signal—By default, signal the reception of packets matching this entry. C Perform directly connected check for packets matching this entry. Signal the reception if packets were originated by a directly connected source. This example shows how to display information for a specific group IPv6 address: Router# show ipv6 mfib ff35::1:1 IP Multicast Forwarding Information Base Entry Flags: C - Directly Connected, S - Signal, IA - Inherit A flag, AR - Activity Required, D - Drop Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second Other counts: Total/RPF failed/Other drops Interface Flags: A - Accept, F - Forward, NS - Negate Signalling IC - Internal Copy, NP - Not platform switched SP - Signal Present Interface Counts: Distributed FS Pkt Count/FS Pkt Count/PS Pkt Count (1600::2,FF35::1:1) Flags: RP Forwarding: 7188/100/48/37, Other: 203619/203619/0 LC Forwarding: 0/0/0/0, Other: 0/0/0 Vlan25 Flags: A Vlan11 Flags: F NS Pkts: 0/7188/0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-868 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipv6 mfib Table 2-72 describes the fields shown in the display. Table 2-72 show ipv6 mfib Field Descriptions Field Description Entry flags Information about the entry. Forwarding Counts Statistics on the packets that are received and forwarded to at least one interface. Pkt Count/ Total number of packets received and forwarded since the creation of the multicast forwarding state to which this counter applies. Pkts per second/ Number of packets received and forwarded per second. Avg Pkt Size/ Total number of bytes divided by the total number of packets for this multicast forwarding state. There is no direct display for the total number of bytes. You can calculate the total number of bytes by multiplying the average packet size by the packet count. Kbits per second Bytes per second divided by packets per second, and divided by 1000. Other counts: Statistics on the received packets. These counters include statistics about the packets received and forwarded and packets received but not forwarded. Interface Flags: Information about the interface. See Table 2-71 for further information on interface flags. Interface Counts: Interface statistics. This example shows forwarding entries and interfaces in the MFIB with a group address of FF03:1::1 and a source address of 5002:1::2 specified: Router# show ipv6 mfib FF03:1::1 5002:1::2 IP Multicast Forwarding Information Base Entry Flags:C - Directly Connected, S - Signal, IA - Inherit A flag, AR - Activity Required, D - Drop Forwarding Counts:Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second Other counts:Total/RPF failed/Other drops Interface Flags:A - Accept, F - Forward, NS - Negate Signalling IC - Internal Copy, NP - Not platform switched SP - Signal Present Interface Counts:FS Pkt Count/PS Pkt Count (5002:1::2,FF03:1::1) Flags: Forwarding:71505/0/50/0, Other:42/0/42 GigabitEthernet5/0 Flags:A GigabitEthernet5/0.19 Flags:F NS Pkts:239/24 GigabitEthernet5/0.20 Flags:F NS Pkts:239/24 . . . GigabitEthernet5/0.16 Flags:F NS Pkts:71628/24 This example shows forwarding entries and interfaces in the MFIB with a group address of FF03:1::1 and a default prefix of 128: Router# show ipv6 mfib FF03:1::1/128 IP Multicast Forwarding Information Base Entry Flags:C - Directly Connected, S - Signal, IA - Inherit A flag, Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-869 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipv6 mfib AR - Activity Required, D - Drop Forwarding Counts:Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second Other counts:Total/RPF failed/Other drops Interface Flags:A - Accept, F - Forward, NS - Negate Signalling IC - Internal Copy, NP - Not platform switched SP - Signal Present Interface Counts:FS Pkt Count/PS Pkt Count (*,FF03:1::1) Flags:C Forwarding:0/0/0/0, Other:0/0/0 Tunnel1 Flags:A NS GigabitEthernet5/0.25 Flags:F NS Pkts:0/0 . . . GigabitEthernet5/0.16 Flags:F NS Pkts:0/0 This example displays statistics on the rate at which active IP multicast sources are sending information. The router is switching traffic from 2001::1:1:200 to FF05::1: Router# show ipv6 mfib active Active IPv6 Multicast Sources - sending >= 4 kbps Group: FF05::1 Source: 2001::1:1:200 Rate: 20 pps/16 kbps(1sec), 0 kbps(last 128 sec) Table 2-73 describes the fields shown in the display. Table 2-73 show ipv6 mfib active Field Descriptions Field Description Group: Summary information about counters for (*, G) and the range of (S,G) states for one particular group G. The following RP-tree: and Source: output fields contain information about the individual states belonging to this group. Note Rate...kbps For PIM-SSM range groups, the Group: displays are statistical. All SSM range (S,G) states are individual, unrelated SSM channels. Bytes per second divided by packets per second and divided by 1000. On an IP multicast fast-switching platform, the number of packets per second is the number of packets during the last second. Other platforms may use a different approach to calculate this number. Refer to the Catalyst Supervisor Engine 32 PISA Cisco IOS Software Configuration Guide—Release 12.2ZY for more information. This example displays statistics from the MFIB about the group and source. The router is switching traffic from 2001::1:1:200 to FF05::1: Router# show ipv6 mfib count IP Multicast Statistics 54 routes, 7 groups, 0.14 average sources per group Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kilobits per second Other counts: Total/RPF failed/Other drops(OIF-null, rate-limit etc) Group: FF00::/8 RP-tree: Forwarding: 0/0/0/0, Other: 0/0/0 Group: FF00::/15 RP-tree: Forwarding: 0/0/0/0, Other: 0/0/0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-870 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipv6 mfib Group: FF05::1 RP-tree: Forwarding: 2/0/100/0, Other: 0/0/0 Source: 10::1:1:200, Forwarding: 367/10/100/7, Other: 0/0/0 Tot. shown: Source count: 1, pkt count: 369 Group: FF10::/15 RP-tree: Forwarding: 0/0/0/0, Other: 0/0/0 Group: FF20::/15 RP-tree: Forwarding: 0/0/0/0, Other: 0/0/0 Table 2-74 describes the fields shown in the display. Table 2-74 show ipv6 mfib count Field Descriptions Field Description Forwarding Counts Statistics on the packets that are received and forwarded to at least one interface. Pkt Count/ Total number of packets received and forwarded since the multicast forwarding state to which this counter applies was created. Pkts per second/ Number of packets received and forwarded per second. Avg Pkt Size/ Total number of bytes divided by the total number of packets for this multicast forwarding state. There is no direct display for the total number of bytes. You can calculate the total number of bytes by multiplying the average packet size by the packet count. Kilobits per second Bytes per second, divided by packets per second, and divided by 1000. Other counts: Statistics on the received packets. These counters include statistics about the packets received and forwarded and packets received but not forwarded. Total/ Total number of packets received. RPF failed/ Number of packets not forwarded due to a failed RPF or acceptance check (when bidirectional PIM is configured). Other drops (OIF-null, rate-limit etc) Number of packets not forwarded for reasons other than an RPF or acceptance check (such as the outgoing interface [OIF] list was empty or because the packets were discarded because of a configuration that was enabled). Group: Summary information about counters for (*,G) and the range of (S,G) states for one particular group G. The following RP-tree: and Source: output fields contain information about the individual states belonging to this group. Note RP-tree: For Source Specific Multicast (PIM-SSM) range groups, the Group: displays are statistical. All SSM range (S,G) states are individual, unrelated SSM channels. Counters for the (*,G) state of this group G. These counters are displayed only for groups that have a forwarding mode that do not forward packets on the shared tree. These (*,G) groups are bidirectional PIM and PIM sparse mode (PIM-SM) groups. There are no RP-tree displays for PIM SSM range groups. This example shows forwarding entries and interfaces in the MFIB and additional information such as the MAC encapsulation header and platform-specific information: Router# show ipv6 mfib ff33::1:1 verbose IP Multicast Forwarding Information Base Entry Flags: C - Directly Connected, S - Signal, IA - Inherit A flag, AR - Activity Required, K - Keepalive Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second Other counts: Total/RPF failed/Other drops Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-871 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipv6 mfib Platform per slot HW-Forwarding Counts: Pkt Count/Byte Count Platform flags: HF - Forwarding entry,HB - Bridge entry,HD - NonRPF Drop entry, NP - Not platform switchable,RPL - RPF-ltl linkage, MCG - Metset change,ERR - S/w Error Flag,RTY - In RetryQ, LP - L3 pending,MP - Met pending,AP - ACL pending Interface Flags: A - Accept, F - Forward, NS - Negate Signalling IC - Internal Copy, NP - Not platform switched SP - Signal Present Interface Counts: Distributed FS Pkt Count/FS Pkt Count/PS Pkt Count (10::2,FF33::1:1) Flags: K RP Forwarding: 0/0/0/0, Other: 0/0/0 LC Forwarding: 0/0/0/0, Other: 0/0/0 HW Forwd: 0/0/0/0, Other: NA/NA/NA Slot 6: HW Forwarding: 0/0, Platform Flags: HF RPL Slot 1: HW Forwarding: 0/0, Platform Flags: HF RPL Vlan10 Flags: A Vlan30 Flags: F NS Pkts: 0/0/0 MAC: 33330001000100D0FFFE180086DD Router# Table 2-75 describes the fields shown in the display. Table 2-75 show ipv6 mfib verbose Field Descriptions Field Description Platform flags Information about the platform. Platform per slot HW-Forwarding Counts Total number of packets per bytes forwarded. Table 2-76 describes the MFIB platform flags. Table 2-76 MFIB Platform Flags Flag Description H Entry is installed in hardware HF Forwarding entry HB Bridge entry HD NonRPF Drop entry NP Software switched RPL RPF-ltl linkage MCG Metset change ERR S/w Error Flag RTY In RetryQ LP Layer 3 pending MP Met pending AP ACL pending Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-872 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipv6 mld snooping show ipv6 mld snooping To display MLDv2 snooping information, use the show ipv6 mld snooping command. show ipv6 mld snooping {{explicit-tracking vlan} | {mrouter [vlan vlan]} | {report-suppression vlan vlan} | {statistics vlan vlan}} Syntax Description explicit-tracking vlan vlan Displays the status of explicit host tracking. mrouter Displays the multicast router interfaces on an optional VLAN. vlan vlan (Optional) Specifies the VLAN number on the multicast router interfaces. report-suppression vlan vlan Displays the status of the report suppression. statistics vlan vlan Displays IGMP snooping information on a VLAN. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines You can also use the show ip igmp snooping commands to display information about IGMP snooping. You can enter the show ipv6 mld snooping mrouter command without arguments to display all the multicast router interfaces. Examples This example shows how to display explicit tracking information on VLAN 25: Router# show ipv6 mld snooping explicit-tracking vlan 25 Source/Group Interface Reporter Filter_mode -----------------------------------------------------------------------10.1.1.1/226.2.2.2 Vl25:1/2 16.27.2.3 INCLUDE 10.2.2.2/226.2.2.2 Vl25:1/2 16.27.2.3 INCLUDE Router# This example shows how to display the multicast router interfaces in VLAN 1: Router# show ipv6 mld snooping mrouter vlan 1 vlan ports -----+---------------------------------------1 Gi1/1,Gi2/1,Fa3/48,Router Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-873 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show ipv6 mld snooping This example shows the IGMP snooping statistics information for VLAN 25: Router# show ipv6 mld snooping statistics interface vlan 25 Snooping staticstics for Vlan25 #channels:2 #hosts :1 Source/Group 10.1.1.1/226.2.2.2 10.2.2.2/226.2.2.2 Router# Related Commands Interface Gi1/2:Vl25 Gi1/2:Vl25 Reporter 16.27.2.3 16.27.2.3 Uptime 00:01:47 00:01:47 Command Description ipv6 mld snooping Enables MLDv2 snooping globally. ipv6 mld snooping explicit-tracking Enables explicit host tracking. ipv6 mld snooping querier Enables the MLDv2 snooping querier. ipv6 mld snooping report-suppression Enables report suppression on a VLAN. Last-Join 00:00:50 00:00:50 Last-Leave - Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-874 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show l2protocol-tunnel show l2protocol-tunnel To display the protocols that are tunneled on an interface or on all interfaces, use the show l2protocol-tunnel command. show l2protocol-tunnel [{interface interface mod/port} | {vlan vlan-id} | summary] Syntax Description interface interface (Optional) Specifies the interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. mod/port Module and port number. vlan vlan-id Specifies the VLAN; valid values are from 1 to 4094. summary (Optional) Displays a summary of a tunneled port. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The show l2protocol-tunnel command displays only the ports that have protocol tunneling enabled. The show l2protocol-tunnel summary command displays the ports that have protocol tunneling enabled, regardless of whether the port is down or currently configured as a trunk. Examples This example shows how to display the protocols that are tunneled on all interfaces: Router# show l2protocol-tunnel COS for Encapsulated Packets: 5 Drop Threshold for Encapsulated Packets: 3000 Port Protocol Shutdown Drop Encapsulation Threshold Threshold Counter ------- -------- --------- --------- ------------Fa3/38 cdp ---3000 5 stp ---3000 2653 --------Router# Decapsulation Counter ------------0 0 ---- Drop Counter ------------0 0 ---- This example shows how to display a summary of Layer 2-protocol tunnel ports: Router# show l2protocol-tunnel summary COS for Encapsulated Packets:5 Drop Threshold for Encapsulated Packets:0 Port Protocol Shutdown Threshold (cdp/stp/vtp) Drop Threshold (cdp/stp/vtp) Status Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-875 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show l2protocol-tunnel ------Fa9/1 Fa9/9 Fa9/47 Fa9/48 Router> Related Commands ------------- stp --cdp stp vtp --- --- --cdp stp vtp -------------------/----/-------/----/-------/----/-------/----/---- -------------------/----/-------/----/---1500/1500/1500 ----/----/---- ---------down up down(trunk) down(trunk) Command Description l2protocol-tunnel Enables the protocol tunneling on an interface and specifies the type of protocol to be tunneled. l2protocol-tunnel drop-threshold Specifies the maximum number of packets that can be processed for the specified protocol on that interface before being dropped. l2protocol-tunnel global drop-threshold Enables rate limiting at the software level. l2protocol-tunnel shutdown-threshold Specifies the maximum number of packets that can be processed for the specified protocol on that interface in 1 second. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-876 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show l3-mgr show l3-mgr To display the information about the Layer 3 manager, use the show l3-mgr command. show l3-mgr status show l3-mgr {interface {{interface interface-number} | {null interface-number} | {port-channel number} | {vlan vlan-id} | status}} Syntax Description status Displays information about the global variable. interface Displays information about the Layer 3 manager. interface Interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. null interface-number Specifies the null interface; the valid value is 0. port-channel number Specifies the channel interface; valid values are a maximum of 64 values ranging from 1 to 282. vlan vlan-id Specifies the VLAN; valid values are from 1 to 4094. status Displays status information about the Layer 3 manager. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. The port-channel number values from 257 to 282 are supported on the CSM and the FWSM only. Examples This example shows how to display the status of the Layer 3 manager: Router# show l3-mgr status l3_mgr_state: 2 l3_mgr_req_q.count: 0 l3_mgr_req_q.head: 0 Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-877 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show l3-mgr l3_mgr_req_q.tail: 0 l3_mgr_max_queue_count: 1060 l3_mgr_shrunk_count: 0 l3_mgr_req_q.ip_inv_count: 303 l3_mgr_req_q.ipx_inv_count: 0 l3_mgr_outpak_count: 18871 l3_mgr_inpak_count: 18871 l3_mgr_max_pending_pak: 4 l3_mgr_pending_pak_count: 0 nde enable statue: current nde addr: 0 0.0.0.0 Router# This example shows how to display the information about the Layer 3 manager for a specific interface: Router# show l3-mgr interface fastethernet 5/40 vlan: 0 ip_enabled: 1 ipx_enabled: 1 bg_state: 0 0 0 0 hsrp_enabled: 0 hsrp_mac: 0000.0000.0000 state: 0 up: 0 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-878 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show lacp show lacp To display LACP information, use the show lacp command. show lacp [channel-group] {counters | internal | neighbors | sys-id} Syntax Description channel-group (Optional) Number of the channel group; valid values are from 1 to 282. counters Displays information about the LACP statistics. internal Displays LACP internal information. neighbors Displays information about the LACP neighbor. sys-id Displays the LACP system identification. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not specify a channel-group, all channel groups are displayed. The channel-group values from 257 to 282 are supported on the CSM and the FWSM only. You can enter the optional channel-group to specify a channel group for all keywords, except the sys-id keyword. Examples This example shows how to display the LACP statistics for a specific channel group: Router# show lacp 1 counters LACPDUs Marker LACPDUs Port Sent Recv Sent Recv Pkts Err --------------------------------------------------Channel group: 1 Fa4/1 8 15 0 0 3 0 Fa4/2 14 18 0 0 3 0 Fa4/3 14 18 0 0 0 Fa4/4 13 18 0 0 0 The output displays the following information: • The LACPDUs Sent and Recv columns display the LACPDUs that are sent and received on each specific interface. • The LACPDUs Pkts and Err columns display the marker-protocol packets. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-879 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show lacp This example shows how to display internal information for the interfaces that belong to a specific channel: Router# show lacp 1 internal Flags: S - Device sends PDUs at slow rate. F - Device sends PDUs at fast rate. A - Device is in Active mode. P - Device is in Passive mode. Channel group 1 Port Fa4/1 Fa4/2 Fa4/3 Fa4/4 Router# Flags saC saC saC saC State bndl bndl bndl bndl LACPDUs Interval 30s 30s 30s 30s LACP Port Priority 32768 32768 32768 32768 Admin Key 100 100 100 100 Oper Key 100 100 100 100 Port Number 0xc1 0xc2 0xc3 0xc4 Port State 0x75 0x75 0x75 0x75 Table 2-77 describes the fields that are shown in the example. Table 2-77 show lacp internal Command Output Fields Field Description State State of the specific port at the current moment is displayed; allowed values are as follows: • bndl—Port is attached to an aggregator and bundled with other ports. • susp—Port is in a suspended state; it is not attached to any aggregator. • indep—Port is in an independent state (not bundled but able to switch data traffic. In this case, LACP is not running on the partner port). • hot-sby—Port is in a hot-standby state. • down—Port is down. LACPDUs Interval Interval setting. LACP Port Priority Port-priority setting. Admin Key Administrative key. Oper Key Operator key. Port Number Port number. Port State State variables for the port that are encoded as individual bits within a single octet with the following meaning [1]: • bit0: LACP_Activity • bit1: LACP_Timeout • bit2: Aggregation • bit3: Synchronization • bit4: Collecting • bit5: Distributing • bit6: Defaulted • bit7: Expired Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-880 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show lacp This example shows how to display the information about the LACP neighbors for a specific port channel: Router# show lacp 1 neighbors Flags: S - Device sends PDUs at slow rate. F - Device sends PDUs at fast rate. A - Device is in Active mode. P - Device is in Passive mode. Channel group 1 neighbors Partner Port System ID Fa4/1 8000,00b0.c23e.d84e Fa4/2 8000,00b0.c23e.d84e Fa4/3 8000,00b0.c23e.d84e Fa4/4 8000,00b0.c23e.d84e Fa4/1 Fa4/2 Fa4/3 Fa4/4 Router# Port Priority 32768 32768 32768 32768 Admin Key 200 200 200 200 Partner Port Number 0x81 0x82 0x83 0x84 Oper Key 200 200 200 200 Age 29s 0s 0s 0s Flags P P P P Port State 0x81 0x81 0x81 0x81 If no PDUs have been received, the default administrative information is displayed in braces. This example shows how to display the LACP system identification: Router> show lacp sys-id 8000,AC-12-34-56-78-90 The system identification is made up of the system priority and the system MAC address. The first 2 bytes are the system priority, and the last 6 bytes are the globally administered individual MAC address that is associated to the system. Related Commands Command Description clear lacp counters Clears the statistics for all interfaces belonging to a specific channel group. lacp port-priority Sets the priority for the physical interfaces. lacp system-priority Sets the priority of the system. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-881 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show logging ip access-list show logging ip access-list To display information about the logging IP access list, use the show logging ip access-list command. show logging ip access-list {cache | config} Syntax Description cache Displays information about all the entries in the OAL cache. config Displays information about the logging IP access-list configuration. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines OAL is supported on IPv4 unicast traffic only. Examples This example shows how to display all the entries in the OAL cache: Router# show logging ip access-list cache Matched flows: id prot src_ip dst_ip sport dport status count total lastlog -------------------------------------------------------------------------------------1 17 20.2.1.82 21.2.12.2 111 63 Permit 0 3906 2d02h 2 17 20.2.1.82 21.2.12.2 1135 63 Permit 0 3906 2d02h 3 17 20.2.1.82 21.2.12.2 2159 63 Permit 0 3906 2d02h 4 17 20.2.1.82 21.2.12.2 3183 63 Permit 0 3906 2d02h 5 17 20.2.1.82 21.2.12.2 4207 63 Permit 0 3906 2d02h 6 17 20.2.1.82 21.2.12.2 5231 63 Deny 0 3906 2d02h 7 17 20.2.1.82 21.2.12.2 6255 63 Deny 0 3906 2d02h 8 17 20.2.1.82 21.2.12.2 7279 63 Permit 0 3906 2d02h 9 17 20.2.1.82 21.2.12.2 8303 63 Permit 0 3906 2d02h 10 17 20.2.1.82 21.2.12.2 9327 63 Permit 0 3905 2d02h 11 17 20.2.1.82 21.2.12.2 10351 63 Permit 0 3905 2d02h Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-882 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show logging ip access-list 12 17 20.2.1.82 3905 2d02h 13 17 20.2.1.82 3905 2d02h 14 17 20.2.1.82 3905 2d02h 15 17 20.2.1.82 3905 2d02h 16 17 20.2.1.82 3905 2d02h 17 17 20.2.1.82 3905 2d02h 18 17 20.2.1.82 3905 2d02h 19 17 20.2.1.82 3905 2d02h 20 17 20.2.1.82 3905 2d02h Number of Number of Number of Number of Router# 21.2.12.2 11375 63 Permit 0 21.2.12.2 12399 63 Deny 0 21.2.12.2 13423 63 Permit 0 21.2.12.2 14447 63 Deny 0 21.2.12.2 15471 63 Permit 0 21.2.12.2 16495 63 Permit 0 21.2.12.2 17519 63 Permit 0 21.2.12.2 18543 63 Permit 0 21.2.12.2 19567 63 Permit 0 entries: 20 messages logged: 112 packets logged: 11200 packets received for logging: 11200 This example shows how to display information about the logging IP access-list configuration: Router# show logging ip access-list config Logging ip access-list configuration Maximum number of cached entries: 8192 Logging rate limiter: 0 Log-update interval: 300 Log-update threshold: 0 Configured on input direction: Vlan2 Vlan1 Configured on output direction: Vlan2 Router# Related Commands Command Description clear logging ip access-list cache Clears all the entries from the OAL cache and sends them to the syslog. logging ip access-list cache (global configuration mode) Configures the OAL parameters. logging ip access-list cache (interface configuration mode) Enables an OAL-logging cache on an interface that is based on direction. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-883 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table show mac-address-table To display the information about the MAC-address table, use the show mac-address-table command. show mac-address-table show mac-address-table {address mac-addr} [all | {interface interface interface-number} | {vlan vlan-id}] show mac-address-table aging-time [vlan vlan-id] show mac-address-table count [vlan vlan-id] show mac-address-table dynamic [{address mac-addr} | {interface interface interface-number} | {vlan vlan-id}] show mac-address-table {interface interface interface-number} show mac-address-table limit [vlan vlan-id | {interface interface}] show mac-address-table multicast [count | {{igmp-snooping | mld-snooping} [count]} | {user [count]} | {vlan vlan-id}] show mac-address-table notification {mac-move | threshold} show mac-address-table static [{address mac-addr} | detail | {interface interface interface-number} | {vlan vlan-id}] show mac-address-table synchronize statistics show mac-address-table unicast-flood show mac-address-table vlan vlan-id Syntax Description address mac-addr Displays information about the MAC-address table for a specific MAC address; see the “Usage Guidelines” section for format guidelines. all (Optional) Displays every instance of the specified MAC address in the forwarding table. interface interface (Optional) Displays information about a specific interface type; possible valid values are ethernet, fastethernet, gigabitethernet, tengigabitethernet, pos, atm, and ge-wan. interface-number Module and port number; see the “Usage Guidelines” section for valid values. vlan vlan-id (Optional) Displays information for a specific VLAN only; valid values are from 1 to 4094. aging-time Displays information about the MAC-address aging time. count Displays the number of entries that are currently in the MAC-address table. dynamic Displays information about the dynamic MAC-address table entries only. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-884 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table limit Displays MAC-usage information. multicast Displays information about the multicast MAC-address table entries only. igmp-snooping Displays the addresses learned by IGMP snooping. mld-snooping Displays the addresses learned by MLDv2 snooping. user Displays the manually entered (static) addresses. notification mac-move Displays the MAC-move notification status. notification threshold Displays the CAM-table utilization notification status. static Displays information about the static MAC-address table entries only. synchronize statistics Displays information about the statistics collected on the switch processor. unicast-flood Displays unicast-flood information. Defaults This command has no default settings. Command Modes Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines If you do not specify a module number, the output of the show mac-address-table command displays information about the supervisor engine. To display information about the MAC-address table of the switch processor, you must enter the all keyword. The mac-addr is a 48-bit MAC address and the valid format is H.H.H. The interface-number argument designates the module and port number. Valid values for interface-number depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. Valid values for mac-group-address are from 1 to 9. The optional count keyword displays the number of multicast entries. The optional multicast keyword displays the multicast MAC addresses (groups) in a VLAN or displays all statically installed or IGMP snooping-learned entries in the Layer 2 table. The information that is displayed in the show mac-address-table unicast-flood command output is as follows: • Up to 50 flood entries, shared across all the VLANs that are not configured to use the filter mode, can be recorded. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-885 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table • The output field displays are defined as follows: – ALERT—Information is updated approximately every 3 seconds. – SHUTDOWN—Information is updated approximately every 3 seconds. Note The information displayed on the destination MAC addresses is deleted as soon as the floods stop after the port shuts down. – Information is updated each time that you install the filter. The information lasts until you remove the filter. The show mac-address-table protocol {assigned | ip | ipx | other} syntax is not supported on Catalyst 6500 series switches that are configured with a Supervisor Engine 720. The keyword definitions for the protocol argument are as follows: • assigned specifies assigned protocol entries. • ip specifies IP protocol. • ipx specifies IPX protocols. • other specifies other protocol entries. The dynamic entries that are displayed in the Learn field are always set to Yes. The show mac-address-table limit command output displays the following information: • The current number of MAC addresses. • The maximum number of MAC entries that are allowed. • The percentage of usage. The show mac-address-table synchronize statistics command output displays the following information: • Number of messages processed at each time interval. • Number of active entries sent for synchronization. • Number of entries updated, created, ignored, or failed. Examples Note In a distributed EARL switch, the asterisk (*) indicates a MAC address that is learned on a port that is associated with this EARL. This example shows how to display the information about the MAC-address table for a specific MAC address (the Catalyst 6500 series switch is configured with a Supervisor Engine 2): Router# show mac-address-table address 001.6441.60ca Codes: * - primary entry vlan mac address type learn qos ports ------+----------------+--------+-----+---+-------------------------Supervisor: * --- 0001.6441.60ca static No -- Router Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-886 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table This example shows how to display MAC-address table information for a specific MAC address (the Catalyst 6500 series switch is configured with a Supervisor Engine 720): Router# show mac-address-table address 0100.5e00.0128 Legend: * - primary entry age - seconds since last seen n/a - not available vlan mac address type learn age ports ------+----------------+--------+-----+----------+-------------------------Supervisor: * 44 0100.5e00.0128 static Yes Fa6/44,Router * 1 0100.5e00.0128 static Yes Router Module 9: * 44 0100.5e00.0128 static Yes Fa6/44,Router * 1 0100.5e00.0128 static Yes Router Router# This example shows how to display the currently configured aging time for all VLANs: Router# Vlan ---*100 200 show mac-address-table aging-time Aging Time ---------300 1000 Router# This example shows how to display the entry count for a specific slot: Router# show mac-address-table count slot 1 MAC Entries on slot 1 : Dynamic Address Count: 4 Static Address (User-defined) Count: 25 Total MAC Addresses In Use: 29 Total MAC Addresses Available: 131072 Router# This example shows how to display all the dynamic MAC-address entries: Router# show mac-address-table dynamic Legend: * - primary entry age - seconds since last seen n/a - not applicable vlan mac address type learn age ports ------+----------------+--------+-----+----------+-------------------------* 10 0010.0000.0000 dynamic Yes n/a Gi4/1 * 3 0010.0000.0000 dynamic Yes 0 Gi4/2 * 1 0002.fcbc.ac64 dynamic Yes 265 Gi8/1 * 1 0009.12e9.adc0 static No Router Router# This example shows how to display the information about the MAC-address table for a specific interface (the Catalyst 6500 series switch is configured with a Supervisor Engine 720): Router# show mac-address-table interface fastethernet 6/45 Legend: * - primary entry age - seconds since last seen n/a - not available vlan mac address type learn age ports ------+----------------+--------+-----+----------+-------------------------* 45 00e0.f74c.842d dynamic Yes 5 Fa6/45 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-887 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table Note A leading asterisk (*) indicates entries from a MAC address that was learned from a packet coming from an outside device to a specific module. This example shows how to display the MAC-move notification status: Router# show mac-address-table notification mac-move MAC Move Notification: Enabled Router# This example shows how to display the CAM-table utilization-notification status: Router# show mac-address-table notification threshold Status limit Interval -------------+-----------+------------enabled 1 120 Router# This example shows how to display unicast-flood information: Router# show mac-address-table unicast-flood Unicast Flood Protection status: enabled Configuration: vlan Kfps action timeout ------+----------+-----------------+---------2 2 alert none Mac filters: No. vlan souce mac addr. installed on time left (mm:ss) -----+------+-----------------+------------------------------+-----------------Flood details: Vlan souce mac addr. destination mac addr. ------+----------------+------------------------------------------------2 0000.0000.cafe 0000.0000.bad0, 0000.0000.babe, 0000.0000.bac0 0000.0000.bac2, 0000.0000.bac4, 0000.0000.bac6 0000.0000.bac8 2 0000.0000.caff 0000.0000.bad1, 0000.0000.babf, 0000.0000.bac1 0000.0000.bac3, 0000.0000.bac5, 0000.0000.bac7 0000.0000.bac9 Router# This example shows how to display all the static MAC-address entries (this Catalyst 6500 series switch is configured with a Supervisor Engine 2): Router# show mac-address-table static Codes: * - primary entry vlan mac address type learn qos ports ------+----------------+--------+-----+---+-------------------------* --- 0001.6441.60ca static No -- Router Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-888 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table This example shows how to display the information about the MAC-address table for a specific VLAN: Router# show mac-address-table vlan 100 vlan mac address type protocol qos ports -----+---------------+--------+---------+---+-------------------------------100 0050.3e8d.6400 static assigned -- Router 100 0050.7312.0cff dynamic ip -- Fa5/9 100 0080.1c93.8040 dynamic ip -- Fa5/9 100 0050.3e8d.6400 static ipx -- Router 100 0050.3e8d.6400 static other -- Router 100 0100.0cdd.dddd static other -- Fa5/9,Router,Switch 100 00d0.5870.a4ff dynamic ip -- Fa5/9 100 00e0.4fac.b400 dynamic ip -- Fa5/9 100 0100.5e00.0001 static ip -- Fa5/9,Switch 100 0050.3e8d.6400 static ip -- Router Router# This example shows how to display the information about the MAC-address table for MLDv2 snooping: Router# show mac-address-table multicast mld-snooping vlan mac address type learn qos ports -----+---------------+--------+-----+---+---------------------------------- 3333.0000.0001 static Yes - Switch,Stby-Switch --- 3333.0000.000d static Yes - Fa2/1,Fa4/1,Router,Switch --- 3333.0000.0016 static Yes - Switch,Stby-Switch Router# Related Commands Command Description mac-address-table aging-time Configures the aging time for entries in the Layer 2 table. mac-address-table limit Enables MAC limiting. mac-address-table Enables MAC-move notification. notification mac-move mac-address-table static Adds static entries to the MAC-address table or configures a static MAC address with IGMP snooping disabled for that address. mac-address-table synchronize Synchronizes the Layer 2 MAC address table entries across the PFC. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-889 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table learning show mac-address-table learning To display the MAC-address learning state, use the show mac-address-table learning command. show mac-address-table learning [{vlan vlan-id} | {interface interface slot/port}] [module num] Syntax Description vlan vlan-id (Optional) Displays information about the MAC-address learning state for the specified switch port VLAN; valid values are from 1 to 4094. interface interface slot/port (Optional) Displays information about the MAC-address learning state for the specified routed interface type, the slot number, and the port number. module num (Optional) Displays information about the MAC-address learning state for the specified module number. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Usage Guidelines The module num keyword and argument can be used to specify supervisor engines only. The interface interface slot/port keyword and arguments can be used on routed interfaces only. The interface interface slot/port keyword and arguments cannot be used to configure learning on switch-port interfaces. If you specify the vlan vlan-id, the state of the MAC-address learning of the specified VLAN, including router interfaces, on all modules, is displayed. If you specify the vlan vlan-id and the module num, the state of the MAC-address learning of a specified VLAN on a specified module is displayed. If you specify the interface interface slot/port keyword and arguments, the state of the MAC-address learning of the specified interface on all modules is displayed. If you specify the interface interface slot/port keyword and arguments, the state of the MAC-address learning of the specified interface on the specified module is displayed. If you enter the show mac-address-table learning command with no arguments or keywords, the status of MAC learning on all the existing VLANs on all the supervisor engines configured on a Catalyst 6500 series switch is displayed. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-890 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table learning Examples This example shows how to display the MAC-address learning status on all the existing VLANs on all the supervisor engines: Router# show mac-address-table learning VLAN/Interface -------------------1 100 150 200 250 1006 1007 1008 1009 1010 1011 1012 1013 1014 GigabitEthernet6/1 GigabitEthernet6/2 GigabitEthernet6/4 FastEthernet3/4 FastEthernet3/5 GigabitEthernet4/1 GigabitEthernet4/2 GigabitEthernet7/1 GigabitEthernet7/2 Mod1 Mod4 Mod7 --------------------yes yes yes yes yes yes yes yes yes yes yes yes yes yes yes no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no no Router# Table 2-78 describes the fields that are shown in the example. Table 2-78 show mac-address-table learning Field Descriptions Field Description VLAN/Interface1 VLAN ID or interface type, module, and port number. Mod# Module number of a supervisor engine. yes MAC-address learning is enabled. no MAC-address learning is disabled. 1. The interfaces displayed are routed interfaces that have internal VLANs assigned to them. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-891 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table learning This example shows how to display the status of MAC-address learning on all the existing VLANs on a single supervisor engine: Router# show mac-address-table learning module 4 VLAN/Interface -------------------1 100 150 200 250 1006 1007 1008 1009 1010 1011 1012 1013 1014 GigabitEthernet6/1 GigabitEthernet6/2 GigabitEthernet6/4 FastEthernet3/4 FastEthernet3/5 GigabitEthernet4/1 GigabitEthernet4/2 GigabitEthernet7/1 GigabitEthernet7/2 Mod4 ----yes yes yes yes yes no no no no no no no no no no no no no no no no no no Router# This example shows how to display the status of MAC-address learning for a specific VLAN on all the supervisor engines: Router# show mac-address-table learning vlan 100 VLAN ---100 Router Mod1 Mod4 Mod7 --------------------no no yes This example shows how to display the status of MAC-address learning for a specific VLAN on a specific supervisor engine: Router# show mac-address-table learning vlan 100 module 7 VLAN ---100 Router Mod7 ----yes Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-892 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mac-address-table learning This example shows how to display the status of MAC-address learning for a specific supervisor engine: Router# show mac-address-table learning interface FastEthernet 3/4 Interface --------Fa3/4 Router Mod1 Mod4 Mod7 --------------------no yes no This example shows how to display the status of MAC-address learning for a specific interface on a specific specific supervisor engine: Router# show mac-address-table learning interface FastEthernet 3/4 module 1 Interface --------Fa3/4 Router Related Commands Mod1 ----no Command Description mac-address-table learning Enables MAC-address learning. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-893 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show memory dead show memory dead To display statistics of memory allocated by processes that are now terminated, use the show memory dead command. show memory dead [totals] Syntax Description totals Command Modes User EXEC Privileged EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. (Optional) Displays memory totals for processes that have been terminated. Usage Guidelines The show memory dead command displays information about processes that have been terminated. Terminated processes accounts for memory allocated under another process. Examples This example shows the sample output from the show memory dead command: Router# show memory dead I/O Head 600000 Total(b) 2097152 Used(b) 461024 Free(b) 1636128 Lowest(b) 1635224 Largest(b) 1635960 Processor memory Address 1D8310 2CA964 2CAA04 2CAAA0 2ED714 2F12AC 2F1304 2F1348 300C28 Bytes 60 36 112 68 52 44 24 68 340 Prev. 1D82C8 2CA914 2CA9B4 2CAA04 2ED668 2F124C 2F12AC 2F1304 300A14 Next 1D8378 2CA9B4 2CAAA0 2CAB10 2ED774 2F1304 2F1348 2F13B8 300DA8 Ref 1 1 1 1 1 1 1 1 1 PrevF NextF Alloc PC 3281FFE 3281FFE 3A42144 3A420D4 3381C84 3A50234 3A420D4 3381C84 3381B42 What Router Init Router Init OSPF Stub LSA RBTree Router Init Router Init Router Init Router Init Router Init Router Init Table 2-79 describes the significant fields shown in the display. Table 2-79 show memory dead Field Descriptions Field Description Head Hexadecimal address of the head of the memory allocation chain. Total(b) Sum of used bytes plus free bytes. Used(b) Amount of memory in use. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-894 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show memory dead Table 2-79 show memory dead Field Descriptions (continued) Field Description Free(b) Amount of memory not in use (in bytes). Lowest(b) Smallest amount of free memory since last boot (in bytes). Largest(b) Size of the largest available free block (in bytes). Address Hexadecimal address of the block (in bytes). Bytes Size of the block (in bytes). Prev. Address of the preceding block. Next Address of the following block. Ref Reference count for that memory block, indicating how many different processes are using that block of memory. PrevF Address of the preceding free block (if free). NextF Address of the following free block (if free). Alloc PC Address of the system call that allocated the block. What Name of the process that owns the block, or “(fragment)” if the block is a fragment, or “(coalesced)” if the block was coalesced from adjacent free blocks. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-895 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mls asic show mls asic To display the ASIC version, use the show mls asic command. show mls asic Syntax Description This command has no keywords or arguments. Defaults This command has no default settings. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Examples This example shows how to display the ASIC versions: Router# show mls asic Earl in Module 2 Tycho - ver:1 Cisco-id:1C8 Vendor-id:49 Router# Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-896 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mls cef show mls cef To display the MLS-hardware Layer 3-switching table entries, use the show mls cef command. show mls cef [ip] [prefix [mask-length | load-info]] [detail] [module number] show mls cef [ip] [{lookup ...} | {multicast ...} | {rpf ...} | {vpn ...} | {vrf ...}] show mls cef [{adjacency ...} | {block block-number [entries]} | {config-register reg-address} | {diags [detail]} | {entry index [detail]} | {exact-route ...} | {hardware [module number]} | {inconsistency ...} | {lookup ...} | {masks [type] [module number]} | {rpf ...} | {statistics ...} | {summary [module number]} | {tunnel fragment} | {used-blocks [type] [module number]} | {vpn ...} | {vrf ...}] show mls cef [{eom ...} | {ip ...} | {ipv6 ...} | {mpls ...}] Syntax Description ip (Optional) Displays IPv6 unicast entries in the MLS-hardware Layer 3-switching table; see the “Usage Guidelines” section for additional information. prefix (Optional) Entry prefix in the format A.B.C.D. mask-length (Optional) Mask length; valid values are from 0 to 32. load-info (Optional) Displays output with a hash value next to each adjacency. detail (Optional) Displays detailed hardware information. See the “Usage Guidelines” section for important information. module number (Optional) Displays information about the entries for a specific module. lookup ... (Optional) Displays IP entries in the MLS-hardware Layer 3-switching table for the specified destination IP address. See the show mls cef lookup command. multicast ... (Optional) Displays IP entries in the MLS-hardware Layer 3-switching table in the compact CEF table display format; see the show mls cef ip multicast command. rpf ... (Optional) Displays information about the RPF hardware in the MLS-hardware Layer 3-switching table; see the show mls cef rpf command. vpn ... (Optional) Displays information about the VPN ID CEF table. See the “Usage Guidelines” section for important information. vrf ... (Optional) Displays information about the CEF table for the specified VRF name. adjacency ... (Optional) Displays information about the MLS-hardware Layer 3-switching adjacency node; see the show mls cef adjacency command. block block-number (Optional) Displays information about the mask-block utilization for a specific block; valid values are from 0 to 4294967295. See the “Usage Guidelines” section for important information. entries (Optional) Displays the mask-block utilization entries. See the “Usage Guidelines” section for important information. config-register reg-address (Optional) Displays information about the hardware configuration register for a specific register. See the “Usage Guidelines” section for important information. diags (Optional) Displays information about the diagnostic entry. See the “Usage Guidelines” section for important information. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-897 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mls cef entry index (Optional) Specifies the specified prefix entry index to display; valid values are from 0 to 4294967295. See the “Usage Guidelines” section for important information. exact-route ... (Optional) Displays information about hardware load sharing; see the show mls cef exact-route command. hardware (Optional) Displays a summary of the hardware information. See the “Usage Guidelines” section for important information. inconsistency ... (Optional) Displays information about the consistency checker; see the show mls cef inconsistency command. masks ... (Optional) Displays information about the mask. See the “Usage Guidelines” section for important information. statistics ... (Optional) Displays the number of switched packets and bytes; see the show mls cef statistics command. tunnel fragment (Optional) Displays the operational status of tunnel fragmentation. summary ... (Optional) Displays a summary of rates in the hardware for each protocol; see the show mls cef summary command. used-blocks (Optional) Displays a list of used blocks; see the “Usage Guidelines” section for important information. eom ... Displays information about the EoM protocol; this keyword is not supported. ip ... Displays information about the IP protocol; see the “Usage Guidelines” section for additional information. ipv6 ... Displays information about the IPv6 protocol. mpls ... Displays information about MPLS; see the show mls cef mpls command. Defaults If you do not specify a protocol, the default display is for IP and the global CEF table. Command Modes EXEC Command History Release Modification 12.2(18)ZY Support for this command was introduced. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-898 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mls cef Usage Guidelines The ... indicates that there is additional information. The following options are for expert users only and are not documented: • load-info • detail • block block-number [entries] • config-register reg-address} • diags [detail] • entry index [detail] • hardware [module number] • masks [type] • used-blocks [type] • vpn The MLS-hardware Layer 3 switching applies to IP traffic only. Use the show mls cef [ip] vrf command to display the VRF CEF table entries. You can enter this command on the supervisor engine or switch consoles. Enter the remote login command to session into the supervisor engine to enter the commands. The show mls cef command offers three levels of options as follows: • Protocol-independent options—The following keywords are not protocol specific: – adjacency – exact-route – inconsistency – module – rpf – statistics – summary – used-blocks – vpn – vrf • Protocol-dependent keywords—The following keywords specify a protocol: – eom – ip – ipv6 – mpls • Default keywords—The following keywords display identical output for both the show mls cef and show mls cef ip commands: – prefix – lookup Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-899 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mls cef – multicast—This keyword is not supported on systems configured with a Supervisor Engine 720. – module – rpf – vpn – vrf Examples This example shows how the show mls cef and show mls cef ip commands are identical: Router# show mls cef Codes: decap - Decapsulation, + - Push Label Index Prefix Adjacency 64 127.0.0.51/32 punt 65 127.0.0.0/32 punt 66 127.255.255.255/32 punt 67 1.1.1.100/32 punt 68 1.1.1.0/32 punt 69 1.1.1.255/32 punt 70 2.2.2.100/32 punt 71 2.2.2.0/32 punt 72 2.2.2.255/32 punt 73 2.2.2.5/32 Gi5/2, 0000.c005.0205 74 0.0.0.0/32 punt 75 255.255.255.255/32 punt 76 200.1.22.22/32 punt 77 200.0.0.0/32 punt 78 200.255.255.255/32 punt 79 200.1.1.153/32 Vl30, 0050.808b.8200 81 200.1.1.91/32 Vl30, 0004.4eef.8800 82 200.1.1.100/32 Vl30, 00d0.bb02.0400 83 200.12.223.3/32 Vl30, 00d0.061b.7000 84 200.2.5.3/32 Vl30, 00d0.061d.200a 85 200.1.1.101/32 Vl30, 0007.ecfc.e40a 86 200.0.100.1/32 Vl30, 0050.2a8d.700a 87 200.1.1.104/32 Vl30, 0050.0f2d.ac00 88 223.255.254.226/32 Vl30, 0050.2a8d.700a 89 2.2.2.7/32 Gi5/2, 0000.c005.0207 90 1.1.1.5/32 Gi5/1, 0000.0101.0105 3200 224.0.0.0/24 punt 3201 1.1.1.0/24 punt 3202 2.2.2.0/24 punt 134400 200.0.0.0/8 punt 134432 0.0.0.0/0 drop 524256 0.0.0.0/0 drop Router# This example shows how to display all the MLS-hardware Layer 3-switching table IP entries: Router# show mls cef ip Codes: Index 64 65 66 67 68 69 decap - Decapsulation, + - Push Label Prefix Adjacency 127.0.0.51/32 punt 127.0.0.0/32 punt 127.255.255.255/32 punt 1.1.1.100/32 punt 1.1.1.0/32 punt 1.1.1.255/32 punt Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-900 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mls cef 70 2.2.2.100/32 71 2.2.2.0/32 72 2.2.2.255/32 73 2.2.2.5/32 74 0.0.0.0/32 75 255.255.255.255/32 76 200.1.22.22/32 77 200.0.0.0/32 78 200.255.255.255/32 79 200.1.1.153/32 81 200.1.1.91/32 82 200.1.1.100/32 83 200.12.223.3/32 84 200.2.5.3/32 85 200.1.1.101/32 86 200.0.100.1/32 87 200.1.1.104/32 88 223.255.254.226/32 89 2.2.2.7/32 90 1.1.1.5/32 3200 224.0.0.0/24 3201 1.1.1.0/24 3202 2.2.2.0/24 134400 200.0.0.0/8 134432 0.0.0.0/0 524256 0.0.0.0/0 Router# punt punt punt Gi5/2, punt punt punt punt punt Vl30, Vl30, Vl30, Vl30, Vl30, Vl30, Vl30, Vl30, Vl30, Gi5/2, Gi5/1, punt punt punt punt drop drop 0000.c005.0205 0050.808b.8200 0004.4eef.8800 00d0.bb02.0400 00d0.061b.7000 00d0.061d.200a 0007.ecfc.e40a 0050.2a8d.700a 0050.0f2d.ac00 0050.2a8d.700a 0000.c005.0207 0000.0101.0105 Table 2-80 describes the fields in the examples. Table 2-80 show mls cef Command Output Fields Field Description Index MLS-hardware Layer 3-switching table entry index; the maximum is 256,000 entries. Prefix Entry prefix address/mask. Adjacency Adjacency types are as follows: • drop—Packets matching the prefix entry are dropped. • punt—Packets are redirected to an PISA for further processing. • mac-address—Packets matching the prefix are forwarded to this specific next hop or the final destination host if directly attached. This example shows how to display the operational status of tunnel fragmentation: Router# show mls cef tunnel fragment Tunnel Fragmentation: Enabled Router# Related Commands Command Description show mls cef summary Displays the number of routes in the MLS-hardware Layer 3-switching table for all the protocols. Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY OL-11437-01 2-901 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mls cef adjacency show mls cef adjacency To display information about the MLS-hardware Layer 3-switching adjacency node, use the show mls cef adjacency command. show mls cef adjacency [all | decap-tunnel | {encap-tunnel ip-src-addr} | {entry index [to end-range]} | {flags lower-flag upper-flag} | mac-address number | mac-rewrite | macv4 | {mpls [label]} | multicast | nat | recirculation | special | tcp | usage] [detail] [module number] Syntax Description all (Optional) Displays all application-allocated entries. decap-tunnel (Optional) Displays the decapsulated tunneled-packet information. encap-tunnel ip-src-addr (Optional) Displays the encapsulated tunnel-adjacency entry that matches the specified address. entry index (Optional) Displays the adjacency-entry information for the specified index; valid values are from 0 to 1048575. to end-range (Optional) Specifies the index range to display adjacency-entry information; valid values are from 0 to 1048575. flags (Optional) Displays information about the specified bit flags. See the “Usage Guidelines” section for additional information. lower-flag Lower 32-bits flag values to display; valid values are 0 to FFFFFFFF. upper-flag Upper 32-bits flag values to display; valid values are 0 to FFFFFFFF. mac-address number (Optional) Displays information about the matched MAC-address adjacency for the specified 48-bit hardware address in the H.H.H format. mac-rewrite (Optional) Displays information about the MAC-rewrite adjacency. macv4 (Optional) Displays information about the MACv4 adjacency. mpls (Optional) Displays information about the MPLS adjacency. label (Optional) MPLS label to display adjacency-entry information; valid values are from 0 to 1048575. multicast (Optional) Displays information about the multicast adjacency. nat (Optional) Displays information about the NAT adjacency. recirculation (Optional) Displays information about the recirculated-adjacency entry. special (Optional) Displays information about the special adjacencies. tcp (Optional) Displays information about the TCP-application adjacency. usage (Optional) Displays information about the adjacency usage. detail (Optional) Displays hardware-entry details. module number (Optional) Displays information about the adjacency node for a specific module. Defaults This command has no default settings. Command Modes EXEC Catalyst Supervisor Engine 32 PISA Cisco IOS Software Command Reference—Release 12.2ZY 2-902 OL-11437-01 Chapter 2 Cisco IOS Commands for the Catalyst 6500 Series Switches with the Supervisor Engine 32 PISA show mls cef adjacency Command History Usage Guidelines Release Modification 12.2(18)ZY Support for this command was introduced. The decap-tunnel and endcap-tunnel keywords are used to display the tunnel nodes. The encapsulator node is considered the tunnel-entry point and the decapsulator node is considered the tunnel-exit point. There may be multiple source-destination pairs using the same tunnel between the encapsulator and decapsulator. The decap-tunnel and endcap-tunnel keywords are not supported on Catalyst 6500 series switches that are configured with a Supervisor Engine 720. The flags keyword applies to all adjacency formats (for example, mac-rewrite, mpls, and multicast) and indicates the bits that are set in the adjacency for the specific adjacency. The module number keyword and argument designate the module and port number. Valid values depend on the chassis and module used. For example, if you have a 48-port 10/100BASE-T Ethernet module installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48. MLS-hardware Layer 3 switching applies to IP traffic only. MLS-hardware Layer 3-switching adjacency statistics are updated every 60 seconds. You can display hardware-switched IP-directed broadcast information by entering the show mls cef adjacency mac-address number detail command. For each MLS-hardware Layer 3-switching FIB entry, MLS-hardware Layer 3 switching stores Layer 2 information from the PISA for adjacent nodes in the MLS-hardware Layer 3-switching adjacency table. Adjacent nodes are directly connected at Layer 2. To forward traffic, MLS-hardware Layer 3 switching selects a route from a MLS-hardware Layer 3-switching FIB entry, which points to a MLS-hardware Layer 3-switching adjacency entry, and uses the Layer 2 header for the adjacent node in the adjacency table entry to rewrite the packet during Layer 3 switching. MLS-hardware Layer 3 switching supports one million adjacency-table entries. Examples This example shows how to display information for all adjacency nodes: Router# show mls cef adjacency all Index: 5 smac: 0000.0000.0000, dmac: 0000.0000.0000 mtu: 0, vlan: 0, dindex: 0x0, l3rw_vld: 0 packets: 0, bytes: 0 Index: 32773 smac: 0000.0000.0000, dmac: 0000.0000.0000 mtu: 0, vlan: 0, dindex: 0x0, l3rw_vld: 0 packets: 0, bytes: 0
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.4 Linearized : Yes Page Count : 1396 Page Mode : UseOutlines XMP Toolkit : XMP toolkit 2.9.1-13, framework 1.6 About : uuid:33ccd995-354f-4f35-8994-41ce1add256c Producer : Acrobat Distiller 6.0 (Windows) Create Date : 2007:04:30 16:14:59-07:00 Creator Tool : FrameMaker 5.5.6p145 Modify Date : 2007:04:30 16:14:59-07:00 Document ID : uuid:a2642fea-8991-49a6-b92f-5d98ce5c514f Format : application/pdf Title : untitled Creator : FrameMaker 5.5.6p145EXIF Metadata provided by EXIF.tools