Command Line Interface Guide
Page 28
...the management connections. The Global Configuration mode command interface ethernet is used to define management access-lists. Contains commands to configure port-channels, for use on a UNIX system. Contains commands to the switch console port, or via a Telnet connection, ensure ...Configuration mode. • Interface - The Global Configuration mode command interface ethernet is very similar to enter the VLAN Database Interface Configuration mode. • Management Access List - Using the switch command-line interface (CLI) is used to modify specific interface operations...
...the management connections. The Global Configuration mode command interface ethernet is used to define management access-lists. Contains commands to configure port-channels, for use on a UNIX system. Contains commands to the switch console port, or via a Telnet connection, ensure ...Configuration mode. • Interface - The Global Configuration mode command interface ethernet is very similar to enter the VLAN Database Interface Configuration mode. • Management Access List - Using the switch command-line interface (CLI) is used to modify specific interface operations...
Command Line Interface Guide
Page 39
... Displays the DHCP snooping configuration. Global Configuration ip dhcp snooping trust Configures a port as trusted for all interfaces on a switch. Interface Configuration (Ethernet, port-channel) ip dhcp snooping information option allowed-untrusted Configures a switch to verify that on a VLAN. Global Configuration ip dhcp snooping database Configures the DHCP snooping binding file. Configuration Disables...
... Displays the DHCP snooping configuration. Global Configuration ip dhcp snooping trust Configures a port as trusted for all interfaces on a switch. Interface Configuration (Ethernet, port-channel) ip dhcp snooping information option allowed-untrusted Configures a switch to verify that on a VLAN. Global Configuration ip dhcp snooping database Configures the DHCP snooping binding file. Configuration Disables...
Command Line Interface Guide
Page 62
... single-hostviolation Configures the action to that VLAN. uration (Ethernet) dot1x macauthentication Enables authentication based on the interface access to auto. 802.1x Advanced Commands dot1x auth-not-req Enables unauthorized ...this command Interface Config- vlan Interface Configuration show dot1x advanced Displays 802.1X advanced features for the switch or for the Privileged EXEC specified interface. 62 Command Groups to return to access the interface. (Ethernet) dot1x guest-vlan Defines a Guest VLAN. uration (VLAN) dot1x guest-vlan enable Enables unauthorized...
... single-hostviolation Configures the action to that VLAN. uration (Ethernet) dot1x macauthentication Enables authentication based on the interface access to auto. 802.1x Advanced Commands dot1x auth-not-req Enables unauthorized ...this command Interface Config- vlan Interface Configuration show dot1x advanced Displays 802.1X advanced features for the switch or for the Privileged EXEC specified interface. 62 Command Groups to return to access the interface. (Ethernet) dot1x guest-vlan Defines a Guest VLAN. uration (VLAN) dot1x guest-vlan enable Enables unauthorized...
Command Line Interface Guide
Page 68
...Extensible Authentication Protocol (EAP) - Configures the priority value for an interface. Configures the full/half duplex operation of a given ethernet interface when not using stateless autoconfiguration on an interface. Reserves a VLAN as the internal usage VLAN of seconds between re-...Configures Multicast Listener Discovery (MLD) reporting for a specified group. Configures the number of consecutive neighbor solicitation messages that the switch remains in the quiet state following a failed authentication exchange. dot1x single-host-violation dot1x timeout quiet-period dot1x timeout ...
...Extensible Authentication Protocol (EAP) - Configures the priority value for an interface. Configures the full/half duplex operation of a given ethernet interface when not using stateless autoconfiguration on an interface. Reserves a VLAN as the internal usage VLAN of seconds between re-...Configures Multicast Listener Discovery (MLD) reporting for a specified group. Configures the number of consecutive neighbor solicitation messages that the switch remains in the quiet state following a failed authentication exchange. dot1x single-host-violation dot1x timeout quiet-period dot1x timeout ...
Command Line Interface Guide
Page 158
...no form of this setting you can only use either an ethernet standard cross-over cable to connect to a PC, or an ethernet standard cable to connect to another switch ONLY with a normal cable and to connect to another switch. Syntax • back-pressure • no mdix", the ...duplex mode is set to "no back-pressure Default Configuration Back Pressure is enabled on a given interface. Console(config)# interface ethernet g5 Console(config-if)# mdix auto back-pressure The back-pressure Interface Configuration mode command enables Back Pressure on g5. Command Mode Interface...
...no form of this setting you can only use either an ethernet standard cross-over cable to connect to a PC, or an ethernet standard cable to connect to another switch ONLY with a normal cable and to connect to another switch. Syntax • back-pressure • no mdix", the ...duplex mode is set to "no back-pressure Default Configuration Back Pressure is enabled on a given interface. Console(config)# interface ethernet g5 Console(config-if)# mdix auto back-pressure The back-pressure Interface Configuration mode command enables Back Pressure on g5. Command Mode Interface...
Command Line Interface Guide
Page 180
...as trusted ports those that are connected to drop these packets from an untrusted port. Command Mode Interface Configuration (Ethernet, Port-channel) mode. ip dhcp snooping information option allowed-untrusted The ip dhcp snooping information option allowed-untrusted Global Configuration mode... command on a switch configures the switch to enabling DHCP snooping on a VLAN, globally enable DHCP snooping. Use the no ip dhcp snooping trust Default Configuration...
...as trusted ports those that are connected to drop these packets from an untrusted port. Command Mode Interface Configuration (Ethernet, Port-channel) mode. ip dhcp snooping information option allowed-untrusted The ip dhcp snooping information option allowed-untrusted Global Configuration mode... command on a switch configures the switch to enabling DHCP snooping on a VLAN, globally enable DHCP snooping. Use the no ip dhcp snooping trust Default Configuration...
Command Line Interface Guide
Page 185
...-address - Example The following VLANs: 2, 7-18 DHCP snooping database: enabled Verification of hwaddr field is configured on a switch. Console # show ip dhcp snooping DHCP snooping is enabled DHCP snooping is enabled Interface Trusted g1 Yes g2 Yes show ...• vlan-id - Default Configuration This command has no default configuration. Specify Port-channel number. Command Mode EXEC mode. Specify Ethernet port. • port-channel-number - DHCP Snooping 185 Default Configuration This command has no default configuration. User Guidelines • There...
...-address - Example The following VLANs: 2, 7-18 DHCP snooping database: enabled Verification of hwaddr field is configured on a switch. Console # show ip dhcp snooping DHCP snooping is enabled DHCP snooping is enabled Interface Trusted g1 Yes g2 Yes show ...• vlan-id - Default Configuration This command has no default configuration. Specify Port-channel number. Command Mode EXEC mode. Specify Ethernet port. • port-channel-number - DHCP Snooping 185 Default Configuration This command has no default configuration. User Guidelines • There...
Command Line Interface Guide
Page 192
...following example shows how to display GVRP configuration information: Console# show gvrp statistics [ethernet interface | port-channel port-channel-number] • interface - Syntax • show gvrp configuration GVRP Feature is currently enabled on the switch. Registration Dynamic Timers Leave Status VLAN (milliseconds) Creation Join g1 Enabled Normal Enabled ... statistics User EXEC mode command displays GVRP statistics. Default Configuration This command has no user guidelines for this command. A valid Ethernet interface. • port-channel-number -
...following example shows how to display GVRP configuration information: Console# show gvrp statistics [ethernet interface | port-channel port-channel-number] • interface - Syntax • show gvrp configuration GVRP Feature is currently enabled on the switch. Registration Dynamic Timers Leave Status VLAN (milliseconds) Creation Join g1 Enabled Normal Enabled ... statistics User EXEC mode command displays GVRP statistics. Default Configuration This command has no user guidelines for this command. A valid Ethernet interface. • port-channel-number -
Command Line Interface Guide
Page 264
Example The following example displays the Link Layer Discovery Protocol (LLDP) information that is advertised from port g1. Switch# show lldp local ethernet g1 Device ID: 0060.704C.73FF Port ID: 1 Capabilities: Bridge System Name: ts-7800-1 System description: Port description: Management ...Connectivity LLDP-MED Network policy Application type: Voice Flags: Tagged VLAN VLAN ID: 2 Layer 2 priority: 0 DSCP: 0 LLDP-MED Power over Ethernet Device Type: Power Sourcing Entity Power source: Primary Power Source Power priority: High Power value: 9.6 Watts LLDP-MED Location Coordinates: 54:53:c1:...
Example The following example displays the Link Layer Discovery Protocol (LLDP) information that is advertised from port g1. Switch# show lldp local ethernet g1 Device ID: 0060.704C.73FF Port ID: 1 Capabilities: Bridge System Name: ts-7800-1 System description: Port description: Management ...Connectivity LLDP-MED Network policy Application type: Voice Flags: Tagged VLAN VLAN ID: 2 Layer 2 priority: 0 DSCP: 0 LLDP-MED Power over Ethernet Device Type: Power Sourcing Entity Power source: Primary Power Source Power priority: High Power value: 9.6 Watts LLDP-MED Location Coordinates: 54:53:c1:...
Command Line Interface Guide
Page 267
Example The following example displays the Link Layer Discovery Protocol (LLDP) Media Endpoint Discovery (MED) configuration. Switch# show lldp med configuration Network policy 1 Application type: Voice VLAN ID: 2 tagged Layer 2 priority: 0 DSCP: 0 Port ---------g1 g2 g3 Capabilities ---------Yes Yes Yes Network Policy ---------Yes: 1 Yes: 1 No Location -------Yes Yes No PoE ---Yes Yes Yes Switch# show lldp med configuration ethernet g1 Port ---------g1 Capabilities ---------Yes Network Policy ---------Yes: 1 Location -------Yes PoE ---Yes LLDP Commands 267
Example The following example displays the Link Layer Discovery Protocol (LLDP) Media Endpoint Discovery (MED) configuration. Switch# show lldp med configuration Network policy 1 Application type: Voice VLAN ID: 2 tagged Layer 2 priority: 0 DSCP: 0 Port ---------g1 g2 g3 Capabilities ---------Yes Yes Yes Network Policy ---------Yes: 1 Yes: 1 No Location -------Yes Yes No PoE ---Yes Yes Yes Switch# show lldp med configuration ethernet g1 Port ---------g1 Capabilities ---------Yes Network Policy ---------Yes: 1 Location -------Yes PoE ---Yes LLDP Commands 267
Command Line Interface Guide
Page 297
...• To return to the untrusted state, use the no need to classify the packets at the edge, the switch port within the domain. • Use this command to apply best effort service. User Guidelines • Packets entering... a quality of service (QoS) domain are classified at every switch within the QoS domain can be configured to disable the trust mode on each port. Syntax • qos trust ... mode. Default Configuration CoS is enabled. Command Mode Interface Configuration (Ethernet, port-channel) mode.
...• To return to the untrusted state, use the no need to classify the packets at the edge, the switch port within the domain. • Use this command to apply best effort service. User Guidelines • Packets entering... a quality of service (QoS) domain are classified at every switch within the QoS domain can be configured to disable the trust mode on each port. Syntax • qos trust ... mode. Default Configuration CoS is enabled. Command Mode Interface Configuration (Ethernet, port-channel) mode.
Command Line Interface Guide
Page 353
... should be used only with interfaces connected to disable PortFast mode. Example The following example enables PortFast on g5 to expire. Console(config)# interface ethernet g5 Console(config-if)# spanning-tree port-priority 96 spanning-tree portfast The spanning-tree portfast Interface Configuration mode command enables PortFast mode. Use the... no user guidelines for the timer to 96. Otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operations. User Guidelines • There are no form of this command.
... should be used only with interfaces connected to disable PortFast mode. Example The following example enables PortFast on g5 to expire. Console(config)# interface ethernet g5 Console(config-if)# spanning-tree port-priority 96 spanning-tree portfast The spanning-tree portfast Interface Configuration mode command enables PortFast mode. Use the... no user guidelines for the timer to 96. Otherwise, an accidental topology loop could cause a data packet loop and disrupt switch and network operations. User Guidelines • There are no form of this command.
Command Line Interface Guide
Page 354
...for the specified spanning-tree instance. (Range: 0 - 61440 in multiples of a port from the duplex mode. User Guidelines • The switch derives the link type of 4096) 354 Spanning-Tree Commands A full-duplex port is considered a point-to-point link, and a half-...priority Global Configuration mode command configures the device priority for this command to -point. • shared - Command Modes Interface Configuration (Ethernet, port-channel) mode. spanning-tree link-type The spanning-tree link-type Interface Configuration mode command overrides the default link-type setting....
...for the specified spanning-tree instance. (Range: 0 - 61440 in multiples of a port from the duplex mode. User Guidelines • The switch derives the link type of 4096) 354 Spanning-Tree Commands A full-duplex port is considered a point-to-point link, and a half-...priority Global Configuration mode command configures the device priority for this command to -point. • shared - Command Modes Interface Configuration (Ethernet, port-channel) mode. spanning-tree link-type The spanning-tree link-type Interface Configuration mode command overrides the default link-type setting....
Command Line Interface Guide
Page 363
... spanning-tree detected-protocols Privileged EXEC mode command restarts the protocol migration process (force the renegotiation with neighboring switches) on all interfaces. A valid Ethernet port. • port-channel-number - Default Configuration The default definition is disabled on an interface. ...• flooding - Spanning-Tree Commands 363 Syntax • clear spanning-tree detected-protocols [ethernet interface number | port-channel port-channel- number] • interface - Example The following example defines BPDU packet flooding when ...
... spanning-tree detected-protocols Privileged EXEC mode command restarts the protocol migration process (force the renegotiation with neighboring switches) on all interfaces. A valid Ethernet port. • port-channel-number - Default Configuration The default definition is disabled on an interface. ...• flooding - Spanning-Tree Commands 363 Syntax • clear spanning-tree detected-protocols [ethernet interface number | port-channel port-channel- number] • interface - Example The following example defines BPDU packet flooding when ...
Command Line Interface Guide
Page 364
... - ID associated with neighboring switches) on g1. Command Modes Privileged EXEC mode. Port channel index. (Range: Valid Ethernet port) • instance-id - User Guidelines • There are no default configuration. Ethernet port number. (Range: Valid Ethernet port) • port-channel...(forces the renegotiation with a spanning-tree instance. Display active ports only. • blockedports - Syntax • show spanning-tree [ ethernet interface-number | port-channel port-channel-number ] [instance instance-id] • show spanning-tree [detail] [active | blockedports] [...
... - ID associated with neighboring switches) on g1. Command Modes Privileged EXEC mode. Port channel index. (Range: Valid Ethernet port) • instance-id - User Guidelines • There are no default configuration. Ethernet port number. (Range: Valid Ethernet port) • port-channel...(forces the renegotiation with a spanning-tree instance. Display active ports only. • blockedports - Syntax • show spanning-tree [ ethernet interface-number | port-channel port-channel-number ] [instance instance-id] • show spanning-tree [detail] [active | blockedports] [...
Command Line Interface Guide
Page 376
... this command to disable root guard on the interface. When root guard is disabled. User Guidelines • Root guard can be the switch root port. Use the no spanning-tree guard root Default Configuration Root guard is enabled, if spanning-tree calculations cause a port to ...be selected as the root port, the port transitions to be enabled when the switch work in STP, RSTP and MSTP. Command Modes Interface Configuration (Ethernet, port-channel) mode. Console(config)# interface ethernet g8 Console(config-if)# spanning-tree guard root 376 Spanning-Tree Commands Example The ...
... this command to disable root guard on the interface. When root guard is disabled. User Guidelines • Root guard can be the switch root port. Use the no spanning-tree guard root Default Configuration Root guard is enabled, if spanning-tree calculations cause a port to ...be selected as the root port, the port transitions to be enabled when the switch work in STP, RSTP and MSTP. Command Modes Interface Configuration (Ethernet, port-channel) mode. Console(config)# interface ethernet g8 Console(config-if)# spanning-tree guard root 376 Spanning-Tree Commands Example The ...
Command Line Interface Guide
Page 460
... Default Configuration Depends on the specific box. console# config console(config)# interface ethernet g1 console(config-if)# switchport mode customer switchport customer vlan The switchport customer vlan Interface Configuration (Ethernet, port-channel) mode command sets the port's VLAN when the interface is in... a provider network. • access - Used when the switch is connected to customer equipment. Use the no form of...
... Default Configuration Depends on the specific box. console# config console(config)# interface ethernet g1 console(config-if)# switchport mode customer switchport customer vlan The switchport customer vlan Interface Configuration (Ethernet, port-channel) mode command sets the port's VLAN when the interface is in... a provider network. • access - Used when the switch is connected to customer equipment. Use the no form of...
Command Line Interface Guide
Page 493
...• dot1x port-control {auto | force-authorized | force-unauthorized} • no arguments or keywords. 802.1x Commands 493 The switch cannot provide authentication services to the client through this command to return to the unauthorized state, ignoring all access through the interface. Command ...8226; It is recommended to disable spanning tree or to authenticate. Default Configuration force-authorized. Console (config)# interface ethernet g8 Console (config-if)# dot1x port-control auto dot1x re-authentication The dot1x re-authentication Interface Configuration mode command ...
...• dot1x port-control {auto | force-authorized | force-unauthorized} • no arguments or keywords. 802.1x Commands 493 The switch cannot provide authentication services to the client through this command to return to the unauthorized state, ignoring all access through the interface. Command ...8226; It is recommended to disable spanning tree or to authenticate. Default Configuration force-authorized. Console (config)# interface ethernet g8 Console (config-if)# dot1x port-control auto dot1x re-authentication The dot1x re-authentication Interface Configuration mode command ...
Command Line Interface Guide
Page 495
... setting. Syntax • dot1x timeout quiet-period seconds • no default configuration. Time in seconds that the switch remains in quiet state following a failed authentication exchange for 60 seconds. Command Mode Interface Configuration (Ethernet) mode. 802.1x Commands 495 dot1x re-authenticate The dot1x re-authenticate Privileged EXEC mode command manually initiates...
... setting. Syntax • dot1x timeout quiet-period seconds • no default configuration. Time in seconds that the switch remains in quiet state following a failed authentication exchange for 60 seconds. Command Mode Interface Configuration (Ethernet) mode. 802.1x Commands 495 dot1x re-authenticate The dot1x re-authenticate Privileged EXEC mode command manually initiates...
Command Line Interface Guide
Page 496
..., such as unreliable links or specific behavioral problems with certain clients and authentication servers. 496 802.1x Commands Console (config)# interface ethernet g8 Console (config-if)# dot1x timeout quiet-period 3600 dot1x timeout tx-period The dot1x timeout tx-period Interface Configuration mode command ...sets the number of seconds that the switch should wait for a response to an EAP -request/identity frame from client before resending the request. Time in the quiet state ...
..., such as unreliable links or specific behavioral problems with certain clients and authentication servers. 496 802.1x Commands Console (config)# interface ethernet g8 Console (config-if)# dot1x timeout quiet-period 3600 dot1x timeout tx-period The dot1x timeout tx-period Interface Configuration mode command ...sets the number of seconds that the switch should wait for a response to an EAP -request/identity frame from client before resending the request. Time in the quiet state ...